First published: Thu Nov 11 2021(Updated: )
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine ADAudit Plus | <7.0 | |
Zohocorp ManageEngine ADAudit Plus | =7.0 | |
Zohocorp ManageEngine ADAudit Plus | =7.0-7000 | |
Zohocorp ManageEngine ADAudit Plus | =7.0-7002 | |
Zohocorp ManageEngine ADAudit Plus | =7.0-7003 | |
Zohocorp ManageEngine ADAudit Plus | =7.0-7004 | |
Zohocorp ManageEngine ADAudit Plus | =7.0-7005 | |
<7.0 | ||
=7.0 | ||
=7.0-7000 | ||
=7.0-7002 | ||
=7.0-7003 | ||
=7.0-7004 | ||
=7.0-7005 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-42847 is critical.
CVE-2021-42847 allows attackers to write to and execute arbitrary files in Zoho ManageEngine ADAudit Plus.
Zoho ManageEngine ADAudit Plus versions 7.0 and below are affected by CVE-2021-42847.
Yes, a fix has been released for CVE-2021-42847. Please refer to the official Zoho ManageEngine ADAudit Plus website for more information.
You can find more information about CVE-2021-42847 at the following sources: [Packet Storm Security](http://packetstormsecurity.com/files/172258/ManageEngine-ADAudit-Plus-Remote-Code-Execution.html) and [ManageEngine Community](https://pitstop.manageengine.com/portal/en/community/topic/fix-released-for-a-vulnerability-in-manageengine-adaudit-plus).