CVE-2021-37414

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
10/09/2021
Last modified:
20/12/2021

Description

Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* 10.0.709 (excluding)