{"id":6850,"date":"2021-12-08T09:45:56","date_gmt":"2021-12-08T00:45:56","guid":{"rendered":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/?p=6850"},"modified":"2022-12-27T12:15:23","modified_gmt":"2022-12-27T03:15:23","slug":"servicedesk-plus%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7%ef%bc%88cve-2021-44526%ef%bc%89%e3%81%ab%e3%81%a4%e3%81%84%e3%81%a6","status":"publish","type":"post","link":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/?p=6850","title":{"rendered":"ServiceDesk Plus\u306e\u8106\u5f31\u6027\uff08CVE-2021-44526\uff09\u306b\u3064\u3044\u3066"},"content":{"rendered":"<p>\u672c\u30ca\u30ec\u30c3\u30b8\u306f\u3001<a href=\"https:\/\/pitstop.manageengine.com\/portal\/en\/community\/topic\/security-advisory-for-cve-2021-44526-and-cve-2021-44515-authentication-bypass-vulnerabilities-in-servicedesk-plus-and-desktop-central\" target=\"_blank\" rel=\"noopener\">[Security advisory for CVE-2021-44526 and CVE-2021-44515] Authentication bypass vulnerabilities in ServiceDesk Plus and Desktop Central<\/a>\u3092\u57fa\u306b\u8a18\u8f09\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<h4 id=\"1\">\u8106\u5f31\u6027\u306b\u3064\u3044\u3066<\/h4>\n<p>ServiceDesk Plus\u306b\u304a\u3044\u3066\u3001\u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027\uff08CVE-2021-44526\uff09\u304c\u5b58\u5728\u3057\u307e\u3059\u3002<\/p>\n<p>\u203bCVE-2021-44515\u306b\u3064\u3044\u3066\u306f\u3001ServiceDesk Plus\u30d0\u30fc\u30b8\u30e7\u30f311.3\u4ee5\u4e0a\uff08\u65e5\u672c\u672a\u30ea\u30ea\u30fc\u30b9\uff09\u307e\u305f\u306fServiceDesk Plus\u3068Desktop Central\u3092\u9023\u643a\u3057\u3066\u3044\u308b\u5834\u5408\u304c\u8a72\u5f53\u3057\u307e\u3059\u3002<br \/>\n\u203bServiceDesk Plus\u30d0\u30fc\u30b8\u30e7\u30f311.2\u4ee5\u4e0b\u3092\u3054\u5229\u7528\u306e\u5834\u5408\u3001CVE-2021-44515\u306e\u5f71\u97ff\u306f\u3042\u308a\u307e\u305b\u3093\u3002<br \/>\n\u203bDesktop Central\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306f\u3001<a href=\"https:\/\/www.manageengine.jp\/support\/kb\/Desktop_Central\/?p=6438\" target=\"_blank\" rel=\"noopener\">\u3010\u65e2\u77e5\u306e\u4e0d\u5177\u5408\u3011Desktop Central\u306e\u8106\u5f31\u6027(CVE-2021-44515)\u306b\u3064\u3044\u3066<\/a>\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n<h4 id=\"2\">\u8106\u5f31\u6027\u306e\u91cd\u8981\u5ea6<\/h4>\n<p>\u9ad8<\/p>\n<h4 id=\"3\">\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30d3\u30eb\u30c9<\/h4>\n<p>\u65e5\u672c\u5411\u3051\u306b\u30ea\u30ea\u30fc\u30b9\u3057\u3066\u3044\u308bServiceDesk Plus\u30aa\u30f3\u30d7\u30ec\u30df\u30b9\u7248\u30d3\u30eb\u30c9<strong>11211\u4ee5\u4e0b<\/strong>\u304c\u5bfe\u8c61\u3067\u3059\u3002<\/p>\n<p>\u65e5\u672c\u3067\u30ea\u30ea\u30fc\u30b9\u3057\u3066\u3044\u308b\u30d3\u30eb\u30c9\u306b\u3064\u3044\u3066\u306f\u3001<a href=\"https:\/\/www.manageengine.jp\/products\/ServiceDesk_Plus\/release-information.html\" target=\"_blank\" rel=\"noopener\">ServiceDesk Plus\u30ea\u30ea\u30fc\u30b9\u60c5\u5831<\/a>\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n<h4 id=\"4\">\u30e6\u30fc\u30b6\u30fc\u3078\u306e\u5f71\u97ff<\/h4>\n<p>\u653b\u6483\u8005\u306f\u8a8d\u8a3c\u30d7\u30ed\u30bb\u30b9\u3092\u8fc2\u56de\u3057\u3066\u3001\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u306e\u30d5\u30a3\u30fc\u30eb\u30c9\uff06\u30d5\u30a9\u30fc\u30e0\u30eb\u30fc\u30eb\/\u6280\u8853\u62c5\u5f53\u8005\u306e\u81ea\u52d5\u5272\u308a\u5f53\u3066\/\u8cc7\u7523\u30d5\u30a3\u30fc\u30eb\u30c9\u306e\u8a31\u5bb9\u5024\/\u7ffb\u8a33\/\u5909\u66f4\u306eSLA\u8a2d\u5b9a\/\u30e6\u30fc\u30b6\u30fc\u306b\u95a2\u9023\u3059\u308b\u8cc7\u7523\/\u5909\u66f4\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u304b\u3089\u306e\u5f79\u5272\u306e\u8a73\u7d30\u306b\u30a2\u30af\u30bb\u30b9\u3001\u304a\u3088\u3073\u3001\u30b5\u30fc\u30d3\u30b9\u30ab\u30bf\u30ed\u30b0\u3092\u4e26\u3079\u66ff\u3048\u308b\u3053\u3068\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<h4 id=\"5\">\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u78ba\u8a8d\u3059\u308b\u65b9\u6cd5<\/h4>\n<p>\u4f7f\u7528\u4e2d\u306e\u30d3\u30eb\u30c9\u756a\u53f7\u304c\u30d3\u30eb\u30c9<strong>11211\u4ee5\u4e0b<\/strong>\u3067\u3042\u308b\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<p>\u30d3\u30eb\u30c9\u306e\u78ba\u8a8d\u65b9\u6cd5\u306f\u3001<a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/?p=413\" target=\"_blank\" rel=\"noopener\">\u3054\u5229\u7528\u4e2d\u306e\u30d3\u30eb\u30c9\u756a\u53f7\u306e\u78ba\u8a8d\u65b9\u6cd5\u306b\u3064\u3044\u3066<\/a>\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n<h4 id=\"6\">\u5bfe\u5fdc\u65b9\u6cd5<\/h4>\n<p>\u672c\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3057\u305f\u30d3\u30eb\u30c9<strong>11212<\/strong>\u306b\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u624b\u9806\u306b\u3064\u3044\u3066\u306f\u3001<a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/?p=424\" target=\"_blank\" rel=\"noopener\">\u65e5\u672c\u8a9e\u7248\u6700\u65b0\u30d3\u30eb\u30c9\u3078\u306e\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u306e\u6d41\u308c<\/a>\u306b\u3064\u3044\u3066\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u672c\u30ca\u30ec\u30c3\u30b8\u306f\u3001[Security advisory for CVE-2021-44526 and CVE-2021-44515] Authentica\u2026 <a href=\"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/?p=6850\" class=\"more\">\uff3b\u7d9a\u304d\u3092\u8aad\u3080\uff3d<\/a><\/p>\n","protected":false},"author":80,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[5,3612273],"tags":[3612150,1380574],"class_list":["post-6850","post","type-post","status-publish","format-standard","hentry","category-knownissue-sdp","category-vulnerability-sdp","tag-3612150","tag-1380574"],"modified_by":"daiki","_links":{"self":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/posts\/6850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/users\/80"}],"replies":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6850"}],"version-history":[{"count":7,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/posts\/6850\/revisions"}],"predecessor-version":[{"id":6857,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=\/wp\/v2\/posts\/6850\/revisions\/6857"}],"wp:attachment":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/ServiceDesk_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}