Zoho ManageEngine M365 Manager Plus até 4418 Proxy Settings Privilege Escalation

Campo12/01/2022 19h3515/01/2022 10h06
vendorZoho ManageEngineZoho ManageEngine
nameM365 Manager PlusM365 Manager Plus
version<=4418<=4418
componentProxy Settings HandlerProxy Settings Handler
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
urlhttps://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419
nameUpgradeUpgrade
upgrade_version44194419
upgrade_urlhttps://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419
cveCVE-2021-44650CVE-2021-44650
cve_assigned16387452001638745200
date1641942000 (12/01/2022)1641942000 (12/01/2022)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_eXX
cvss2_vuldb_basescore6.56.5
cvss2_vuldb_tempscore5.75.7
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.06.0
price_0day$0-$5k$0-$5k
cve_nvd_summaryZoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.

Do you want to use VulDB in your project?

Use the official API to access entries easily!