CVE-2021-37415
Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability
CVSS
—
No CVSS
EPSS
99.9%
p100
KEV
YES
Dec 1, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
99.9%EPSS · 30 days99.9%
2026-06-302026-07-16
Product
Zoho / ManageEngine ServiceDesk Plus (SDP)
Vulnerability
Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability
Added to KEV
Dec 1, 2021
Remediate by
Dec 15, 2021
Known ransomware use
No
Summary description
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-37415
No related CVEs by CWE or product.