CVE-2021-44652 | SynScan

Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2021-44652

Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.

Published: Jan 12, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-44652
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
zohocorp / manageengine_o365_manager_plus	4.4-build4414	4.4-build4414.x
zohocorp / manageengine_o365_manager_plus	4.4-build4413	4.4-build4413.x
zohocorp / manageengine_o365_manager_plus	4.4-build4412	4.4-build4412.x
zohocorp / manageengine_o365_manager_plus	4.4-build4411	4.4-build4411.x
zohocorp / manageengine_o365_manager_plus	4.4-build4410	4.4-build4410.x
zohocorp / manageengine_o365_manager_plus	4.4-build4408	4.4-build4408.x
zohocorp / manageengine_o365_manager_plus	4.4-build4407	4.4-build4407.x
zohocorp / manageengine_o365_manager_plus	4.4-build4406	4.4-build4406.x
zohocorp / manageengine_o365_manager_plus	4.4-build4403	4.4-build4403.x
zohocorp / manageengine_o365_manager_plus	4.4-build4402	4.4-build4402.x
zohocorp / manageengine_o365_manager_plus	4.4-build4401	4.4-build4401.x
zohocorp / manageengine_o365_manager_plus	4.4-build4400	4.4-build4400.x
zohocorp / manageengine_o365_manager_plus	4.4-build4415	4.4-build4415.x
zohocorp / manageengine_o365_manager_plus	-	4.4
zohocorp / manageengine_o365_manager_plus	4.4	4.4.x

https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4416