CISA description
Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.
CVE-2019-8394
Zoho · ManageEngine
Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.