Zoho Corp ManageEngine ServiceDesk Plus 11.1 11105
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11105:*:*:*:*:*:*
part: a version: 11.1 update: 11105
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Servicedesk Plus (25373568-3a9b-52b0-9856-05e6cf15479d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-44526 |
vulnerable | 2026-06-03 14:45:36.494203 |
Details available
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations.
Published: 2021-12-23T14:57:02.000Z
Updated: 2024-08-04T04:25:16.449Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-37415 |
vulnerable | 2026-06-03 14:45:00.601527 |
Details available
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
Published: 2021-09-01T05:29:11.000Z
Updated: 2025-10-21T23:25:35.777Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20080 |
vulnerable | 2026-06-03 14:43:41.053754 |
Details available
Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset file.
Published: 2021-04-09T17:21:07.000Z
Updated: 2024-08-03T17:30:07.498Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35682 |
vulnerable | 2026-06-03 14:42:32.173868 |
Details available
Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login).
Published: 2021-03-13T18:18:15.000Z
Updated: 2024-08-04T17:09:14.694Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14048 |
vulnerable | 2026-06-03 14:41:37.870817 |
Details available
Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents.
Published: 2020-06-12T01:41:42.000Z
Updated: 2024-08-04T12:32:14.676Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-13154 |
vulnerable | 2026-06-03 14:41:36.336127 |
Details available
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet.
Published: 2020-05-18T21:38:13.000Z
Updated: 2024-08-04T12:11:19.390Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.