CVE-2021-31159
First published: Wed Jun 16 2021(Updated: )
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ManageEngine ServiceDesk Plus MSP | >=8.0<=9.4 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10500 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10501 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10502 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10503 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10504 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10505 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10506 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10507 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10508 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10509 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10510 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10511 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10512 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10513 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10514 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10515 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10516 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10517 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-10518 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8000 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8001 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8002 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8003 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8004 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8100 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8101 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8102 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8103 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8104 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8105 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8200 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8201 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8202 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8203 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8204 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8205 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8206 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8207 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8208 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8209 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8210 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8211 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8300 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8301 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8302 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8303 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8304 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8305 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8306 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8307 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8308 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8309 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8310 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8311 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-8312 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9000 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9001 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9002 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9003 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9004 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9005 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9006 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9007 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9008 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9009 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9201 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9203 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9204 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9205 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9206 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9207 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9208 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9209 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9210 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9300 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9301 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9302 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9303 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9304 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9305 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9306 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9307 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9308 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9400 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9401 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9402 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9403 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9404 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9405 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9406 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9407 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9408 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9409 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9410 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9411 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9412 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9413 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9414 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9415 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9416 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9417 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9418 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9419 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9420 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9421 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9422 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9423 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9424 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9425 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9426 | |
| ManageEngine ServiceDesk Plus MSP | =10.5-9427 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-31159?
CVE-2021-31159 has been classified as a low severity vulnerability as it allows for user enumeration through improper error-message generation.
How do I fix CVE-2021-31159?
To remediate CVE-2021-31159, it is recommended to upgrade Zoho ManageEngine ServiceDesk Plus MSP to version 10.5-10519 or later.
Which versions of Zoho ManageEngine ServiceDesk Plus MSP are affected by CVE-2021-31159?
CVE-2021-31159 affects Zoho ManageEngine ServiceDesk Plus MSP versions prior to 10.5-10519, including versions 9.4 and earlier.
What impact does CVE-2021-31159 have on users?
CVE-2021-31159 potentially exposes user account information by allowing attackers to determine if specific usernames are registered.
Is there a public exploit available for CVE-2021-31159?
Currently, there are no known public exploits for CVE-2021-31159, but the vulnerability can still be exploited through the user enumeration method.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zohocorp
- canonical/manageengine servicedesk plus msp
- version/manageengine servicedesk plus msp/8.0
- version/manageengine servicedesk plus msp/9.4
- version/manageengine servicedesk plus msp/10.5-10500
- version/manageengine servicedesk plus msp/10.5-10501
- version/manageengine servicedesk plus msp/10.5-10502
- version/manageengine servicedesk plus msp/10.5-10503
- version/manageengine servicedesk plus msp/10.5-10504
- version/manageengine servicedesk plus msp/10.5-10505
- version/manageengine servicedesk plus msp/10.5-10506
- version/manageengine servicedesk plus msp/10.5-10507
- version/manageengine servicedesk plus msp/10.5-10508
- version/manageengine servicedesk plus msp/10.5-10509
- version/manageengine servicedesk plus msp/10.5-10510
- version/manageengine servicedesk plus msp/10.5-10511
- version/manageengine servicedesk plus msp/10.5-10512
- version/manageengine servicedesk plus msp/10.5-10513
- version/manageengine servicedesk plus msp/10.5-10514
- version/manageengine servicedesk plus msp/10.5-10515
- version/manageengine servicedesk plus msp/10.5-10516
- version/manageengine servicedesk plus msp/10.5-10517
- version/manageengine servicedesk plus msp/10.5-10518
- version/manageengine servicedesk plus msp/10.5-8000
- version/manageengine servicedesk plus msp/10.5-8001
- version/manageengine servicedesk plus msp/10.5-8002
- version/manageengine servicedesk plus msp/10.5-8003
- version/manageengine servicedesk plus msp/10.5-8004
- version/manageengine servicedesk plus msp/10.5-8100
- version/manageengine servicedesk plus msp/10.5-8101
- version/manageengine servicedesk plus msp/10.5-8102
- version/manageengine servicedesk plus msp/10.5-8103
- version/manageengine servicedesk plus msp/10.5-8104
- version/manageengine servicedesk plus msp/10.5-8105
- version/manageengine servicedesk plus msp/10.5-8200
- version/manageengine servicedesk plus msp/10.5-8201
- version/manageengine servicedesk plus msp/10.5-8202
- version/manageengine servicedesk plus msp/10.5-8203
- version/manageengine servicedesk plus msp/10.5-8204
- version/manageengine servicedesk plus msp/10.5-8205
- version/manageengine servicedesk plus msp/10.5-8206
- version/manageengine servicedesk plus msp/10.5-8207
- version/manageengine servicedesk plus msp/10.5-8208
- version/manageengine servicedesk plus msp/10.5-8209
- version/manageengine servicedesk plus msp/10.5-8210
- version/manageengine servicedesk plus msp/10.5-8211
- version/manageengine servicedesk plus msp/10.5-8300
- version/manageengine servicedesk plus msp/10.5-8301
- version/manageengine servicedesk plus msp/10.5-8302
- version/manageengine servicedesk plus msp/10.5-8303
- version/manageengine servicedesk plus msp/10.5-8304
- version/manageengine servicedesk plus msp/10.5-8305
- version/manageengine servicedesk plus msp/10.5-8306
- version/manageengine servicedesk plus msp/10.5-8307
- version/manageengine servicedesk plus msp/10.5-8308
- version/manageengine servicedesk plus msp/10.5-8309
- version/manageengine servicedesk plus msp/10.5-8310
- version/manageengine servicedesk plus msp/10.5-8311
- version/manageengine servicedesk plus msp/10.5-8312
- version/manageengine servicedesk plus msp/10.5-9000
- version/manageengine servicedesk plus msp/10.5-9001
- version/manageengine servicedesk plus msp/10.5-9002
- version/manageengine servicedesk plus msp/10.5-9003
- version/manageengine servicedesk plus msp/10.5-9004
- version/manageengine servicedesk plus msp/10.5-9005
- version/manageengine servicedesk plus msp/10.5-9006
- version/manageengine servicedesk plus msp/10.5-9007
- version/manageengine servicedesk plus msp/10.5-9008
- version/manageengine servicedesk plus msp/10.5-9009
- version/manageengine servicedesk plus msp/10.5-9201
- version/manageengine servicedesk plus msp/10.5-9203
- version/manageengine servicedesk plus msp/10.5-9204
- version/manageengine servicedesk plus msp/10.5-9205
- version/manageengine servicedesk plus msp/10.5-9206
- version/manageengine servicedesk plus msp/10.5-9207
- version/manageengine servicedesk plus msp/10.5-9208
- version/manageengine servicedesk plus msp/10.5-9209
- version/manageengine servicedesk plus msp/10.5-9210
- version/manageengine servicedesk plus msp/10.5-9300
- version/manageengine servicedesk plus msp/10.5-9301
- version/manageengine servicedesk plus msp/10.5-9302
- version/manageengine servicedesk plus msp/10.5-9303
- version/manageengine servicedesk plus msp/10.5-9304
- version/manageengine servicedesk plus msp/10.5-9305
- version/manageengine servicedesk plus msp/10.5-9306
- version/manageengine servicedesk plus msp/10.5-9307
- version/manageengine servicedesk plus msp/10.5-9308
- version/manageengine servicedesk plus msp/10.5-9400
- version/manageengine servicedesk plus msp/10.5-9401
- version/manageengine servicedesk plus msp/10.5-9402
- version/manageengine servicedesk plus msp/10.5-9403
- version/manageengine servicedesk plus msp/10.5-9404
- version/manageengine servicedesk plus msp/10.5-9405
- version/manageengine servicedesk plus msp/10.5-9406
- version/manageengine servicedesk plus msp/10.5-9407
- version/manageengine servicedesk plus msp/10.5-9408
- version/manageengine servicedesk plus msp/10.5-9409
- version/manageengine servicedesk plus msp/10.5-9410
- version/manageengine servicedesk plus msp/10.5-9411
- version/manageengine servicedesk plus msp/10.5-9412
- version/manageengine servicedesk plus msp/10.5-9413
- version/manageengine servicedesk plus msp/10.5-9414
- version/manageengine servicedesk plus msp/10.5-9415
- version/manageengine servicedesk plus msp/10.5-9416
- version/manageengine servicedesk plus msp/10.5-9417
- version/manageengine servicedesk plus msp/10.5-9418
- version/manageengine servicedesk plus msp/10.5-9419
- version/manageengine servicedesk plus msp/10.5-9420
- version/manageengine servicedesk plus msp/10.5-9421
- version/manageengine servicedesk plus msp/10.5-9422
- version/manageengine servicedesk plus msp/10.5-9423
- version/manageengine servicedesk plus msp/10.5-9424
- version/manageengine servicedesk plus msp/10.5-9425
- version/manageengine servicedesk plus msp/10.5-9426
- version/manageengine servicedesk plus msp/10.5-9427