Threat Advisories - NVD Disclosed September 1, 2021

CVE-2021-37415

ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Zoho ManageEngine ServiceDesk Plus allows unauthorized access to certain REST-API URLs. This could lead to data compromise and system manipulation for affected organizations, posing a business risk.

NVD published: September 1, 2021 • CISA KEV