← Back

CVE-2021-41833

nvd nist
Published: Nov 11, 2021Modified: Jun 17, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.

Affected (39)

Zohocorp
1 product
Manageengine Patch Connect Plus
Configuration A
39 vulnerable
Vulnerable SoftwareAffected Versions
Zohocorp
Manageengine Patch Connect Plus
Before 9.0.0
Manageengine Patch Connect Plus
Version 9.0.0
Manageengine Patch Connect Plus
Version 9.0.0 build90001
Manageengine Patch Connect Plus
Version 9.0.0 build90063
Manageengine Patch Connect Plus
Version 9.0.0 build90064
Manageengine Patch Connect Plus
Version 9.0.0 build90065
Manageengine Patch Connect Plus
Version 9.0.0 build90066
Manageengine Patch Connect Plus
Version 9.0.0 build90067
Manageengine Patch Connect Plus
Version 9.0.0 build90068
Manageengine Patch Connect Plus
Version 9.0.0 build90069
Manageengine Patch Connect Plus
Version 9.0.0 build90070
Manageengine Patch Connect Plus
Version 9.0.0 build90071
Manageengine Patch Connect Plus
Version 9.0.0 build90072
Manageengine Patch Connect Plus
Version 9.0.0 build90073
Manageengine Patch Connect Plus
Version 9.0.0 build90074
Manageengine Patch Connect Plus
Version 9.0.0 build90075
Manageengine Patch Connect Plus
Version 9.0.0 build90076
Manageengine Patch Connect Plus
Version 9.0.0 build90077
Manageengine Patch Connect Plus
Version 9.0.0 build90078
Manageengine Patch Connect Plus
Version 9.0.0 build90079
Manageengine Patch Connect Plus
Version 9.0.0 build90080
Manageengine Patch Connect Plus
Version 9.0.0 build90081
Manageengine Patch Connect Plus
Version 9.0.0 build90082
Manageengine Patch Connect Plus
Version 9.0.0 build90083
Manageengine Patch Connect Plus
Version 9.0.0 build90084
Manageengine Patch Connect Plus
Version 9.0.0 build90085
Manageengine Patch Connect Plus
Version 9.0.0 build90086
Manageengine Patch Connect Plus
Version 9.0.0 build90087
Manageengine Patch Connect Plus
Version 9.0.0 build90088
Manageengine Patch Connect Plus
Version 9.0.0 build90089
Manageengine Patch Connect Plus
Version 9.0.0 build90090
Manageengine Patch Connect Plus
Version 9.0.0 build90091
Manageengine Patch Connect Plus
Version 9.0.0 build90092
Manageengine Patch Connect Plus
Version 9.0.0 build90093
Manageengine Patch Connect Plus
Version 9.0.0 build90094
Manageengine Patch Connect Plus
Version 9.0.0 build90095
Manageengine Patch Connect Plus
Version 9.0.0 build90096
Manageengine Patch Connect Plus
Version 9.0.0 build90097
Manageengine Patch Connect Plus
Version 9.0.0 build90098

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.