First published: Tue Nov 30 2021(Updated: )
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp Manageengine Supportcenter Plus | =11.0 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11001 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11002 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11003 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11004 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11005 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11006 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11007 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11008 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11009 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11010 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11011 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11012 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11013 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11014 | |
Zohocorp Manageengine Supportcenter Plus | =11.0-11015 | |
=11.0 | ||
=11.0-11001 | ||
=11.0-11002 | ||
=11.0-11003 | ||
=11.0-11004 | ||
=11.0-11005 | ||
=11.0-11006 | ||
=11.0-11007 | ||
=11.0-11008 | ||
=11.0-11009 | ||
=11.0-11010 | ||
=11.0-11011 | ||
=11.0-11012 | ||
=11.0-11013 | ||
=11.0-11014 | ||
=11.0-11015 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2021-43296.
The severity of CVE-2021-43296 is high with a CVSS score of 7.5.
Zohocorp Manageengine Supportcenter Plus version 11.0 to 11.0-11015 are affected by CVE-2021-43296.
CVE-2021-43296 is a vulnerability in Zoho ManageEngine SupportCenter Plus before 11016 that allows for SSRF attacks in ActionExecutor.
To fix CVE-2021-43296, update Zoho ManageEngine SupportCenter Plus to version 11.0-11016 or later.