CVE-2021-3287
First published: Thu Apr 22 2021(Updated: )
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ManageEngine OpManager MSP | <12.5 | |
| ManageEngine OpManager MSP | =12.5 | |
| ManageEngine OpManager MSP | =12.5-build125000 | |
| ManageEngine OpManager MSP | =12.5-build125002 | |
| ManageEngine OpManager MSP | =12.5-build125100 | |
| ManageEngine OpManager MSP | =12.5-build125101 | |
| ManageEngine OpManager MSP | =12.5-build125102 | |
| ManageEngine OpManager MSP | =12.5-build125108 | |
| ManageEngine OpManager MSP | =12.5-build125110 | |
| ManageEngine OpManager MSP | =12.5-build125111 | |
| ManageEngine OpManager MSP | =12.5-build125112 | |
| ManageEngine OpManager MSP | =12.5-build125113 | |
| ManageEngine OpManager MSP | =12.5-build125114 | |
| ManageEngine OpManager MSP | =12.5-build125116 | |
| ManageEngine OpManager MSP | =12.5-build125117 | |
| ManageEngine OpManager MSP | =12.5-build125118 | |
| ManageEngine OpManager MSP | =12.5-build125120 | |
| ManageEngine OpManager MSP | =12.5-build125121 | |
| ManageEngine OpManager MSP | =12.5-build125123 | |
| ManageEngine OpManager MSP | =12.5-build125124 | |
| ManageEngine OpManager MSP | =12.5-build125125 | |
| ManageEngine OpManager MSP | =12.5-build125136 | |
| ManageEngine OpManager MSP | =12.5-build125137 | |
| ManageEngine OpManager MSP | =12.5-build125139 | |
| ManageEngine OpManager MSP | =12.5-build125140 | |
| ManageEngine OpManager MSP | =12.5-build125143 | |
| ManageEngine OpManager MSP | =12.5-build125144 | |
| ManageEngine OpManager MSP | =12.5-build125145 | |
| ManageEngine OpManager MSP | =12.5-build125156 | |
| ManageEngine OpManager MSP | =12.5-build125157 | |
| ManageEngine OpManager MSP | =12.5-build125158 | |
| ManageEngine OpManager MSP | =12.5-build125159 | |
| ManageEngine OpManager MSP | =12.5-build125161 | |
| ManageEngine OpManager MSP | =12.5-build125163 | |
| ManageEngine OpManager MSP | =12.5-build125174 | |
| ManageEngine OpManager MSP | =12.5-build125175 | |
| ManageEngine OpManager MSP | =12.5-build125176 | |
| ManageEngine OpManager MSP | =12.5-build125177 | |
| ManageEngine OpManager MSP | =12.5-build125178 | |
| ManageEngine OpManager MSP | =12.5-build125180 | |
| ManageEngine OpManager MSP | =12.5-build125181 | |
| ManageEngine OpManager MSP | =12.5-build125192 | |
| ManageEngine OpManager MSP | =12.5-build125193 | |
| ManageEngine OpManager MSP | =12.5-build125194 | |
| ManageEngine OpManager MSP | =12.5-build125195 | |
| ManageEngine OpManager MSP | =12.5-build125196 | |
| ManageEngine OpManager MSP | =12.5-build125197 | |
| ManageEngine OpManager MSP | =12.5-build125198 | |
| ManageEngine OpManager MSP | =12.5-build125201 | |
| ManageEngine OpManager MSP | =12.5-build125204 | |
| ManageEngine OpManager MSP | =12.5-build125212 | |
| ManageEngine OpManager MSP | =12.5-build125213 | |
| ManageEngine OpManager MSP | =12.5-build125214 | |
| ManageEngine OpManager MSP | =12.5-build125215 | |
| ManageEngine OpManager MSP | =12.5-build125216 | |
| ManageEngine OpManager MSP | =12.5-build125228 | |
| ManageEngine OpManager MSP | =12.5-build125229 | |
| ManageEngine OpManager MSP | =12.5-build125230 | |
| ManageEngine OpManager MSP | =12.5-build125231 | |
| ManageEngine OpManager MSP | =12.5-build125232 | |
| ManageEngine OpManager MSP | =12.5-build125233 | |
| ManageEngine OpManager MSP | =12.5-build125312 | |
| ManageEngine OpManager MSP | =12.5-build125323 | |
| ManageEngine OpManager MSP | =12.5-build125324 | |
| ManageEngine OpManager MSP | =12.5-build125326 | |
| ManageEngine OpManager MSP | =12.5-build125328 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-3287?
CVE-2021-3287 is classified as a critical vulnerability due to the potential for unauthenticated remote code execution.
How do I fix CVE-2021-3287?
To fix CVE-2021-3287, you should update your Zoho ManageEngine OpManager to version 12.5.329 or later.
What impact does CVE-2021-3287 have on my system?
CVE-2021-3287 allows attackers to execute arbitrary code on the affected system without authentication.
What versions of ManageEngine OpManager are affected by CVE-2021-3287?
CVE-2021-3287 affects ManageEngine OpManager versions prior to 12.5.329.
Is there an exploit for CVE-2021-3287 available in the wild?
Yes, there are reports that CVE-2021-3287 is being actively exploited, making it essential to patch immediately.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zohocorp
- canonical/manageengine opmanager msp
- version/manageengine opmanager msp/12.5
- version/manageengine opmanager msp/12.5-build125000
- version/manageengine opmanager msp/12.5-build125002
- version/manageengine opmanager msp/12.5-build125100
- version/manageengine opmanager msp/12.5-build125101
- version/manageengine opmanager msp/12.5-build125102
- version/manageengine opmanager msp/12.5-build125108
- version/manageengine opmanager msp/12.5-build125110
- version/manageengine opmanager msp/12.5-build125111
- version/manageengine opmanager msp/12.5-build125112
- version/manageengine opmanager msp/12.5-build125113
- version/manageengine opmanager msp/12.5-build125114
- version/manageengine opmanager msp/12.5-build125116
- version/manageengine opmanager msp/12.5-build125117
- version/manageengine opmanager msp/12.5-build125118
- version/manageengine opmanager msp/12.5-build125120
- version/manageengine opmanager msp/12.5-build125121
- version/manageengine opmanager msp/12.5-build125123
- version/manageengine opmanager msp/12.5-build125124
- version/manageengine opmanager msp/12.5-build125125
- version/manageengine opmanager msp/12.5-build125136
- version/manageengine opmanager msp/12.5-build125137
- version/manageengine opmanager msp/12.5-build125139
- version/manageengine opmanager msp/12.5-build125140
- version/manageengine opmanager msp/12.5-build125143
- version/manageengine opmanager msp/12.5-build125144
- version/manageengine opmanager msp/12.5-build125145
- version/manageengine opmanager msp/12.5-build125156
- version/manageengine opmanager msp/12.5-build125157
- version/manageengine opmanager msp/12.5-build125158
- version/manageengine opmanager msp/12.5-build125159
- version/manageengine opmanager msp/12.5-build125161
- version/manageengine opmanager msp/12.5-build125163
- version/manageengine opmanager msp/12.5-build125174
- version/manageengine opmanager msp/12.5-build125175
- version/manageengine opmanager msp/12.5-build125176
- version/manageengine opmanager msp/12.5-build125177
- version/manageengine opmanager msp/12.5-build125178
- version/manageengine opmanager msp/12.5-build125180
- version/manageengine opmanager msp/12.5-build125181
- version/manageengine opmanager msp/12.5-build125192
- version/manageengine opmanager msp/12.5-build125193
- version/manageengine opmanager msp/12.5-build125194
- version/manageengine opmanager msp/12.5-build125195
- version/manageengine opmanager msp/12.5-build125196
- version/manageengine opmanager msp/12.5-build125197
- version/manageengine opmanager msp/12.5-build125198
- version/manageengine opmanager msp/12.5-build125201
- version/manageengine opmanager msp/12.5-build125204
- version/manageengine opmanager msp/12.5-build125212
- version/manageengine opmanager msp/12.5-build125213
- version/manageengine opmanager msp/12.5-build125214
- version/manageengine opmanager msp/12.5-build125215
- version/manageengine opmanager msp/12.5-build125216
- version/manageengine opmanager msp/12.5-build125228
- version/manageengine opmanager msp/12.5-build125229
- version/manageengine opmanager msp/12.5-build125230
- version/manageengine opmanager msp/12.5-build125231
- version/manageengine opmanager msp/12.5-build125232
- version/manageengine opmanager msp/12.5-build125233
- version/manageengine opmanager msp/12.5-build125312
- version/manageengine opmanager msp/12.5-build125323
- version/manageengine opmanager msp/12.5-build125324
- version/manageengine opmanager msp/12.5-build125326
- version/manageengine opmanager msp/12.5-build125328