cvedb.io
CVE-2021-41744
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2021-10-22T12:15:09.063 · Last modified 2026-06-17T04:08:51.473

Summary

All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization An attacker can use this vulnerability to gain server permissions.

Affected products

yonyou — ufida_product_lifecycle_management

Does this affect you?

Add your gear to cvedb and we'll alert you only when yonyou ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.