Vulnerabilities > CVE-2021-46164 - Unspecified vulnerability in Zohocorp Manageengine Desktop Central

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

zohocorp

NVD

Published: 2022-01-10

Updated: 2022-01-14

Summary

Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module.

Vulnerable Configurations

Part	Description	Count
Application	Zohocorp Zohocorp Manageengine Desktop Central - Zohocorp Manageengine Desktop Central 7.0 Zohocorp Manageengine Desktop Central 7.0.0 Zohocorp Manageengine Desktop Central 7.0.1 Zohocorp Manageengine Desktop Central 8.0.0 Zohocorp Manageengine Desktop Central 9.0 Zohocorp Manageengine Desktop Central 9.1.0 Zohocorp Manageengine Desktop Central 10 Zohocorp Manageengine Desktop Central 10.0.0 Zohocorp Manageengine Desktop Central 10.0.124 Zohocorp Manageengine Desktop Central 10.0.137 Zohocorp Manageengine Desktop Central 10.0.184 Zohocorp Manageengine Desktop Central 10.0.255 Zohocorp Manageengine Desktop Central 10.0.271 Zohocorp Manageengine Desktop Central 10.0.289 Zohocorp Manageengine Desktop Central 10.0.290 Zohocorp Manageengine Desktop Central 10.0.380 Zohocorp Manageengine Desktop Central 10.0.430 Zohocorp Manageengine Desktop Central 10.0.484 Zohocorp Manageengine Desktop Central 10.0.486 Zohocorp Manageengine Desktop Central 10.0.533 Zohocorp Manageengine Desktop Central 10.0.552.W Zohocorp Manageengine Desktop Central 10.0.647	24

References

https://www.manageengine.com/products/desktop-central/vulnerabilities-in-reports-module.html