CVE-2021-3287
Summary
| CVE | CVE-2021-3287 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-04-22 13:15:00 UTC |
| Updated | 2022-04-18 18:13:00 UTC |
| Description | Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class. |
Risk And Classification
Problem Types: CWE-502
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zohocorp | Manageengine Opmanager | All | All | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | - | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125000 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125002 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125100 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125101 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125102 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125108 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125110 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125111 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125112 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125113 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125114 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125116 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125117 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125118 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125120 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125121 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125123 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125124 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125125 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125136 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125137 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125139 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125140 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125143 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125144 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125145 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125156 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125157 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125158 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125159 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125161 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125163 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125174 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125175 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125176 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125177 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125178 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125180 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125181 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125192 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125193 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125194 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125195 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125196 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125197 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125198 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125201 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125204 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125212 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125213 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125214 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125215 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125216 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125228 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125229 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125230 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125231 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125232 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125233 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125312 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125323 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125324 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125326 | All | All |
| Application | Zohocorp | Manageengine Opmanager | 12.5 | build125328 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ManageEngine OpManager SumPDU Java Deserialization ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Read me | OpManager Help | MISC | www.manageengine.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.