Vulnerability Description
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zohocorp | Manageengine Admanager Plus | < 7.1 |
Related Weaknesses (CWE)
References
- https://www.manageengine.comProduct
- https://www.manageengine.com/products/ad-manager/release-notes.html#7111Release NotesVendor Advisory
- https://www.manageengine.comProduct
- https://www.manageengine.com/products/ad-manager/release-notes.html#7111Release NotesVendor Advisory
FAQ
What is CVE-2021-37922?
CVE-2021-37922 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.
How severe is CVE-2021-37922?
CVE-2021-37922 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-37922?
Check the references section above for vendor advisories and patch information. Affected products include: Zohocorp Manageengine Admanager Plus.