diff --git a/modules/exploits/multi/http/opmanager_sumpdu_deserialization.rb b/modules/exploits/multi/http/opmanager_sumpdu_deserialization.rb
index d526ee97781b..8fd8bc4f5e23 100644
--- a/modules/exploits/multi/http/opmanager_sumpdu_deserialization.rb
+++ b/modules/exploits/multi/http/opmanager_sumpdu_deserialization.rb
@@ -32,7 +32,8 @@ def initialize(info = {})
         'Arch' => [ARCH_CMD, ARCH_PYTHON, ARCH_X86, ARCH_X64],
         'Platform' => [ 'win', 'linux', 'python', 'unix' ],
         'References' => [
-          [ 'CVE', '2021-3287' ],
+          [ 'CVE', '2020-28653' ], # original CVE
+          # [ 'CVE', '2021-3287' ], # patch bypass
           [ 'URL', 'https://haxolot.com/posts/2021/manageengine_opmanager_pre_auth_rce/' ]
         ],
         'Privileged' => true,