First published: Wed Jan 12 2022(Updated: )
Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp Manageengine O365 Manager Plus | <4.4 | |
Zohocorp Manageengine O365 Manager Plus | =4.4 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4400 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4401 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4402 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4403 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4406 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4407 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4408 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4410 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4411 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4412 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4413 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4414 | |
Zohocorp Manageengine O365 Manager Plus | =4.4-build4415 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-44652.
The title of the vulnerability is 'Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file over…'.
The severity of CVE-2021-44652 is high with a score of 7.8.
CVE-2021-44652 allows remote code execution through the ChangeDBAPI component by overwriting BCP files.
To fix CVE-2021-44652, update Zoho ManageEngine O365 Manager Plus to Build 4416 or later.