Known Vulnerabilities for Manageengine Servicedesk Plus by Zohocorp

Listed below are 10 of the newest known vulnerabilities associated with "Manageengine Servicedesk Plus" by "Zohocorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2021-37415	Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs withou...	9.8 - CRITICAL	2021-09-01	2022-07-12
CVE-2021-31160	Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data.	7.5 - HIGH	2021-06-29	2021-07-02
CVE-2021-20081	Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated att...	7.2 - HIGH	2021-06-10	2022-07-12
CVE-2021-20080	Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before ...	6.1 - MEDIUM	2021-04-09	2021-04-19
CVE-2020-35682	Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login).	8.8 - HIGH	2021-03-13	2021-03-18
CVE-2020-14048	Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation...	7.5 - HIGH	2020-06-12	2020-06-17
CVE-2020-13154	Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protecti...	6.5 - MEDIUM	2020-05-18	2021-07-21
CVE-2020-6843	Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0 Build 11010, SD-83959.	4.8 - MEDIUM	2020-01-23	2020-01-27
CVE-2019-8395	An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build...	9.8 - CRITICAL	2019-02-17	2020-08-24
CVE-2019-8394	Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login ...	6.5 - MEDIUM	2019-02-17	2019-02-26

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	-	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9400	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9401	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9402	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9403	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9404	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9405	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9406	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9407	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9408	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9409	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9410	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9411	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9412	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9413	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9414	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9415	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9416	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9417	All	All
Application	Zohocorp	Manageengine Servicedesk Plus	9.4	9418	All	All

Results limited to 20 most recent known configurations