CVE-2021-41080

Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41080.html	Vendor Advisory
https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41080.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager::::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123123::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123129::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123137::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123151::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123156::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123159::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123169::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123177::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123179::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123191::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123194::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123206::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123207::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123214::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123215::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123217::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123218::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123222::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123223::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123231::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123237::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123239::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123274::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123277::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123279::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123288::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123304::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123306::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123312::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123323::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.3:build123327::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:-::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125000::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125108::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125112::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125115::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125116::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125120::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125121::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125125::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125129::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125136::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125142::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125149::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125180::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125195::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125199::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125212::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125213::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125216::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125228::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125232::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125233::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125234::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125323::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125325::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125327::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125329::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125343::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125345::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125358::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125362::::::
	cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125363::::::
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125378::::::
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125392::::::
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125399::::::
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125417::::::
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125445::::::

History

21 Nov 2024, 06:25

Type	Values Removed	Values Added
References	~~() https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41080.html - Vendor Advisory~~	() https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41080.html - Vendor Advisory

Information

Published : 2021-11-11 05:15

Updated : 2024-11-21 06:25

NVD link : CVE-2021-41080

Mitre link : CVE-2021-41080

CVE.ORG link : CVE-2021-41080

JSON object : View

Products Affected

zohocorp

manageengine_network_configuration_manager

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

9.8 /10