PT-2021-21646 · Zoho · Zoho Manageengine Adselfservice Plus

Published

2021-09-10

·

Updated

2021-09-17

·

CVE-2021-37422

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ADSelfService Plus versions 6111 and prior
Description The issue is related to SQL Injection that occurs while linking databases.
Recommendations For versions 6111 and prior, update to a version later than 6111 to resolve the SQL Injection issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-37422

Affected Products

Zoho Manageengine Adselfservice Plus