Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations.
https://www.tenable.com/blog/cve-2021-44515-zoho-patches-manageengine-zero-day-exploited-in-the-wild
https://www.manageengine.com/products/service-desk/on-premises/readme.html#12003