fkie_cve-2021-31159
Vulnerability from fkie_nvd
Published
2021-06-16 13:15
Modified
2024-11-21 06:05
Severity ?
Summary
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/ricardojoserf/CVE-2021-31159 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.manageengine.com | Product | |
| cve@mitre.org | https://www.manageengine.com/products/service-desk-msp/readme.html#10519 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ricardojoserf/CVE-2021-31159 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/service-desk-msp/readme.html#10519 | Release Notes, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4B5EF3-FA74-400F-B7F8-3A078686FD96",
"versionEndIncluding": "9.4",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:*",
"matchCriteriaId": "6BA242DB-20DE-4C22-9EEC-E8DF5C2D8260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:*",
"matchCriteriaId": "860EBABC-B252-4C73-97C6-57A67ED94492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:*",
"matchCriteriaId": "71E4F529-B091-4565-B024-185174483A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:*",
"matchCriteriaId": "FADCF801-93E0-430B-BD14-092ACE960D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:*",
"matchCriteriaId": "97CD568D-AF18-42E7-8357-9AE2B279BEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:*",
"matchCriteriaId": "9EB715EE-313B-4D62-A345-C4F7EB7C3DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:*",
"matchCriteriaId": "B965016B-7584-4661-A8F3-C8EA3DB1E94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:*",
"matchCriteriaId": "DCF7199B-A66E-425B-9614-D8256C4C828D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:*",
"matchCriteriaId": "81F583C7-CB76-430A-A7AC-F3E727E0A26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:*",
"matchCriteriaId": "F33A3E84-F73B-4797-8A97-3F10F77BD631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:*",
"matchCriteriaId": "724284CA-51FE-46E8-B90E-99C53615901B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:*",
"matchCriteriaId": "8342A66C-4C0B-4FAE-987A-276CE126724B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:*",
"matchCriteriaId": "39C638A3-C8A1-4C2A-9B8F-39339F5674CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:*",
"matchCriteriaId": "7BB0CD9F-5459-44A7-9AD1-A70D3208369B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:*",
"matchCriteriaId": "7399A6B2-B0F2-4898-AC04-E50B508EA495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:*",
"matchCriteriaId": "7793C1AC-38FA-4B31-BB78-004A519DD4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:*",
"matchCriteriaId": "7C30D050-4BDC-46E6-819E-49898AD56BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:*",
"matchCriteriaId": "AB7D8E3B-30C3-44C5-90B7-561F4E09830E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:*",
"matchCriteriaId": "33960952-4461-4502-A2B5-364E22C96824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8000:*:*:*:*:*:*",
"matchCriteriaId": "CDE43523-D7CB-478C-B9D4-2EE2528366C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8001:*:*:*:*:*:*",
"matchCriteriaId": "F9813904-4215-41BF-96EE-751C41DB5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8002:*:*:*:*:*:*",
"matchCriteriaId": "E49FA680-361B-4EC2-A64C-9695205B81BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8003:*:*:*:*:*:*",
"matchCriteriaId": "C8C93784-2E35-49F2-9A26-239A938F5071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8004:*:*:*:*:*:*",
"matchCriteriaId": "CAD5E27F-F89F-42E2-9CE2-1E1CAAABCF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8100:*:*:*:*:*:*",
"matchCriteriaId": "5782173F-D5E8-4618-9F0E-51DA0A4E0690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8101:*:*:*:*:*:*",
"matchCriteriaId": "D3486B9C-401F-4A35-B5C9-85DAEA8D0034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8102:*:*:*:*:*:*",
"matchCriteriaId": "E1ABE733-61D4-4265-9EFD-E2FF546F11E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8103:*:*:*:*:*:*",
"matchCriteriaId": "10902B3F-32C1-4119-843A-C98244C0AB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8104:*:*:*:*:*:*",
"matchCriteriaId": "D4638499-7F0B-4535-9EF6-A50F84BB584B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8105:*:*:*:*:*:*",
"matchCriteriaId": "CFA362F1-36BE-4982-8A1B-62A54C526FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8200:*:*:*:*:*:*",
"matchCriteriaId": "E7D6C4A7-79D3-41B9-B738-02CDFD061509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8201:*:*:*:*:*:*",
"matchCriteriaId": "E9350A7F-1119-4813-9A2E-1A3B4AB17B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8202:*:*:*:*:*:*",
"matchCriteriaId": "3753C5C2-3136-446C-835F-E3B14619C494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8203:*:*:*:*:*:*",
"matchCriteriaId": "C7E59504-3BC3-471B-BDC5-0C1675A542D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8204:*:*:*:*:*:*",
"matchCriteriaId": "13A7411D-87B9-499B-A34A-CB0B2CFF7DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8205:*:*:*:*:*:*",
"matchCriteriaId": "435BCA89-34DF-4416-8E63-A72E39007384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8206:*:*:*:*:*:*",
"matchCriteriaId": "1BAD7635-707D-43AA-9CA7-B3087BCEAE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8207:*:*:*:*:*:*",
"matchCriteriaId": "45513FFC-16AE-4253-998C-0CEA37BD613D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8208:*:*:*:*:*:*",
"matchCriteriaId": "DE39000F-0210-406F-8D2B-0A8022E3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8209:*:*:*:*:*:*",
"matchCriteriaId": "6315DC22-226C-4782-A132-07F099673218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8210:*:*:*:*:*:*",
"matchCriteriaId": "D5AFA906-5FEF-4319-8F0F-E46844A2DA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8211:*:*:*:*:*:*",
"matchCriteriaId": "60CB1958-1D0E-4EAE-A9DB-0ADCB3750A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8300:*:*:*:*:*:*",
"matchCriteriaId": "2D4BB788-23FB-4C17-B22A-2317D09307B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8301:*:*:*:*:*:*",
"matchCriteriaId": "B9BA2F35-FC7C-4712-AE48-6C5533511361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8302:*:*:*:*:*:*",
"matchCriteriaId": "81F2600A-CAF3-49A9-B251-3C831BED42D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8303:*:*:*:*:*:*",
"matchCriteriaId": "C984B69D-70B8-4CCC-AB18-DCEA7BFC12A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8304:*:*:*:*:*:*",
"matchCriteriaId": "8D105340-D249-4226-84FD-3A081CE9DCB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8305:*:*:*:*:*:*",
"matchCriteriaId": "5ECFB26A-FF48-47EC-BECA-928308EB82D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8306:*:*:*:*:*:*",
"matchCriteriaId": "023A688E-17C7-4D87-9F35-BE441A7A6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8307:*:*:*:*:*:*",
"matchCriteriaId": "028FF2C3-A660-4322-B9E5-5FB10AF13BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8308:*:*:*:*:*:*",
"matchCriteriaId": "E0310BE0-E0D2-4F06-9AE9-7FCC7D057071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8309:*:*:*:*:*:*",
"matchCriteriaId": "B77DDA8B-1FF2-4383-9E08-FF490493AD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8310:*:*:*:*:*:*",
"matchCriteriaId": "E6572BF3-F187-474F-AFC5-39EA05E2B62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8311:*:*:*:*:*:*",
"matchCriteriaId": "B4115EC3-7483-4C50-98C6-B5E8DEC76C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8312:*:*:*:*:*:*",
"matchCriteriaId": "BDCF1528-A720-4D73-9059-0262060DCD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9000:*:*:*:*:*:*",
"matchCriteriaId": "F397AEA2-88E4-4F4B-A506-E0CF4577A884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9001:*:*:*:*:*:*",
"matchCriteriaId": "DE94ABB5-E6B1-42C5-AF2B-F2951328F024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9002:*:*:*:*:*:*",
"matchCriteriaId": "9966E66B-B3E2-49B0-8CBF-CA3A0458D20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9003:*:*:*:*:*:*",
"matchCriteriaId": "834F8534-4226-48A2-B415-995501650618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9004:*:*:*:*:*:*",
"matchCriteriaId": "31F1D452-4268-407B-B63B-59FE3EB046ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9005:*:*:*:*:*:*",
"matchCriteriaId": "94A91595-4BA0-4CD2-BBED-9F42F65C632A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9006:*:*:*:*:*:*",
"matchCriteriaId": "0E7DAE62-8469-475F-82FE-164C1EDBC0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9007:*:*:*:*:*:*",
"matchCriteriaId": "CE512B2F-0834-441E-B7F4-E0E9F0A2DE0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9008:*:*:*:*:*:*",
"matchCriteriaId": "EE7595D0-856F-494D-8E3A-A02242A8D383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9009:*:*:*:*:*:*",
"matchCriteriaId": "91C388D3-2688-4ECB-B0B9-7611F9A52ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9201:*:*:*:*:*:*",
"matchCriteriaId": "E912C9D7-7553-4974-B97C-F4AC2D0B3133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9203:*:*:*:*:*:*",
"matchCriteriaId": "6AECEDD6-54EC-4541-939F-0C23F48F6781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9204:*:*:*:*:*:*",
"matchCriteriaId": "BBC170CE-1836-41BE-8326-D4F7808D58C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9205:*:*:*:*:*:*",
"matchCriteriaId": "88C00B27-DE6C-4315-8948-3EB8640F0F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9206:*:*:*:*:*:*",
"matchCriteriaId": "811B1869-7E3D-4803-B6CC-F3813CF2D402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9207:*:*:*:*:*:*",
"matchCriteriaId": "6F13C8B4-2290-4E4E-B3E8-F75A42D0EDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9208:*:*:*:*:*:*",
"matchCriteriaId": "071A7E8D-8F02-438A-81BD-EB11D0C286DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9209:*:*:*:*:*:*",
"matchCriteriaId": "D3138227-61F5-44B9-8F93-AC691789F07F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9210:*:*:*:*:*:*",
"matchCriteriaId": "9920E9A3-D737-497F-B568-4262726013F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9300:*:*:*:*:*:*",
"matchCriteriaId": "1CCC051F-DB21-4066-AD6B-DDD26CD2B0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9301:*:*:*:*:*:*",
"matchCriteriaId": "E3C50EDF-35AF-4576-AC5D-88E472582B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9302:*:*:*:*:*:*",
"matchCriteriaId": "A0D2FEBF-A46E-42CE-92F8-ED8EC314374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9303:*:*:*:*:*:*",
"matchCriteriaId": "DDE9FA5E-25BE-4F4B-B29B-D6526F2E4B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9304:*:*:*:*:*:*",
"matchCriteriaId": "6A20173C-D413-45E5-A471-1AA72AF909C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9305:*:*:*:*:*:*",
"matchCriteriaId": "3DCFE06A-801E-46B3-8593-B9F9AA6F0779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9306:*:*:*:*:*:*",
"matchCriteriaId": "55117842-D507-445B-8AA4-1C04B9FC68D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9307:*:*:*:*:*:*",
"matchCriteriaId": "143E3269-0869-40E8-B962-82C036A048AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9308:*:*:*:*:*:*",
"matchCriteriaId": "DE3A12DA-5B95-4AB4-A616-A7D1DE0D46F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9400:*:*:*:*:*:*",
"matchCriteriaId": "57DC9260-6C3E-454F-B22E-7BB393867A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9401:*:*:*:*:*:*",
"matchCriteriaId": "CAFD4B56-3DC6-497A-8545-BB0B8697657E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9402:*:*:*:*:*:*",
"matchCriteriaId": "72328DE3-F889-4205-9DAC-270230C5205B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9403:*:*:*:*:*:*",
"matchCriteriaId": "E2B414B8-83B8-490D-BDEC-C52D8543A49E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9404:*:*:*:*:*:*",
"matchCriteriaId": "426552F5-7152-428F-82DE-EF8F76FE1335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9405:*:*:*:*:*:*",
"matchCriteriaId": "A7EFBD59-AD58-4F04-8373-E6D2885F3288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9406:*:*:*:*:*:*",
"matchCriteriaId": "33985D13-CE17-46D4-AF6C-B0D367EE3554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9407:*:*:*:*:*:*",
"matchCriteriaId": "B7DB69E1-FCA2-4BB2-BBF3-5B8F14AA5F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9408:*:*:*:*:*:*",
"matchCriteriaId": "00C3A7F0-46E3-4973-8644-7A01FB6BC30C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9409:*:*:*:*:*:*",
"matchCriteriaId": "355BD39B-6851-4728-883C-CC3D74CD8325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9410:*:*:*:*:*:*",
"matchCriteriaId": "8D59A697-4BCD-4287-B9F4-4B2A17DFD9AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9411:*:*:*:*:*:*",
"matchCriteriaId": "F117B2FB-6C00-4828-B4D8-E20C6B1B3650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9412:*:*:*:*:*:*",
"matchCriteriaId": "DDB5F6A9-8BE9-495D-B376-8ED135F5548B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9413:*:*:*:*:*:*",
"matchCriteriaId": "59AA5B39-2920-43F0-8FF3-F5DC982193D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9414:*:*:*:*:*:*",
"matchCriteriaId": "E0ACCAFC-6F7C-4308-9400-52F235301E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9415:*:*:*:*:*:*",
"matchCriteriaId": "708A8653-F792-45BD-83D9-20EDF059D944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9416:*:*:*:*:*:*",
"matchCriteriaId": "41547FE5-7429-41A4-ABB0-1C76EC7E9CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9417:*:*:*:*:*:*",
"matchCriteriaId": "7127E8DA-F563-4D75-AAD6-243D91019A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9418:*:*:*:*:*:*",
"matchCriteriaId": "246F2D39-E0CB-43CF-867D-2A8792F95230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9419:*:*:*:*:*:*",
"matchCriteriaId": "97BC20EC-7D36-4913-999A-5A32C320C97C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9420:*:*:*:*:*:*",
"matchCriteriaId": "A9214BCD-3538-464B-B2DD-DDB74359B288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9421:*:*:*:*:*:*",
"matchCriteriaId": "365B0574-FBE5-41EB-90B5-D6CD5AC636E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9422:*:*:*:*:*:*",
"matchCriteriaId": "335B549D-4CDA-4656-A802-A3F9FE0AE842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9423:*:*:*:*:*:*",
"matchCriteriaId": "0B700DF0-0CD8-4CE1-BAC6-74A7F660E2EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9424:*:*:*:*:*:*",
"matchCriteriaId": "7B6AE150-E531-41E0-A12F-F638B9969DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9425:*:*:*:*:*:*",
"matchCriteriaId": "418F99FE-9BE8-45F2-B8BA-8A633B71370E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9426:*:*:*:*:*:*",
"matchCriteriaId": "17EC0F67-3CCD-4C72-B092-5DB4B3BB6229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9427:*:*:*:*:*:*",
"matchCriteriaId": "71D28BB0-D675-4FF6-8EDD-86281C970411",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
},
{
"lang": "es",
"value": "Zoho ManageEngine ServiceDesk Plus MSP versiones anteriores a 10519 es vulnerable a un bug de Enumeraci\u00f3n de Usuarios debido a la generaci\u00f3n inapropiada de mensajes de error en la funcionalidad Forgot Password, tambi\u00e9n se conoce como SDPMSP-15732"
}
],
"id": "CVE-2021-31159",
"lastModified": "2024-11-21T06:05:12.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-16T13:15:11.890",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/ricardojoserf/CVE-2021-31159"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.manageengine.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/ricardojoserf/CVE-2021-31159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.manageengine.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.