Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HZohocorp Manageengine Adselfservice Plus
APPZohocorp6.1< 6.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Powiązane podatności
CVE-2022-47966CRITICAL9.8⚠ KEVten sam produkt
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code exec...
CVE-2021-40539CRITICAL9.8⚠ KEVten sam produkt
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass wi...
CVE-2025-11250CRITICAL9.1PL ✓ten sam produkt
Authentication Bypass w Zohocorp ManageEngine ADSelfService Plus
CVE-2023-35854CRITICAL9.8ten sam produkt
Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal ...
CVE-2022-36413CRITICAL9.1ten sam produkt
Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a passwo...