Zoho ManageEngine M365 Manager Plus até 4418 Proxy Settings Privilege Escalation

Campo	12/01/2022 19h35	15/01/2022 10h06
vendor	Zoho ManageEngine	Zoho ManageEngine
name	M365 Manager Plus	M365 Manager Plus
version	<=4418	<=4418
component	Proxy Settings Handler	Proxy Settings Handler
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
url	https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419	https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419
name	Upgrade	Upgrade
upgrade_version	4419	4419
upgrade_url	https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419	https://www.manageengine.com/microsoft-365-management-reporting/release-notes.html?Build=4419
cve	CVE-2021-44650	CVE-2021-44650
cve_assigned	1638745200	1638745200
date	1641942000 (12/01/2022)	1641942000 (12/01/2022)
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_rc	C	C
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_au	S	S
cvss2_vuldb_e	ND	ND
cvss3_vuldb_pr	L	L
cvss3_vuldb_ui	N	N
cvss3_vuldb_e	X	X
cvss2_vuldb_basescore	6.5	6.5
cvss2_vuldb_tempscore	5.7	5.7
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	6.0	6.0
cvss3_meta_basescore	6.3	6.3
cvss3_meta_tempscore	6.0	6.0
price_0day	$0-$5k	$0-$5k
cve_nvd_summary		Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.

Do you want to use VulDB in your project?

Use the official API to access entries easily!