Share:

CVE-2021-37414 - Zohocorp Manageengine Desktop Central

September 10, 2021

Critical 7.5

Zoho ManageEngine DesktopCentral version 10.1.2119.7 and prior allows anyone to get a valid user's APIKEY without authentication.

Affected software

Zohocorp Manageengine Desktop Central

Reference links

https://www.manageengine.com/products/desktop-central/improper-access-control.html

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.