CVE-2021-20131

No Score
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.

References

https://www.tenable.com/security/research/tra-2021-43

Details

Source: MITRE

Published: 2021-10-13

Updated: 2021-10-13