Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2025-1723 Account takeover

šŸ—“ļøĀ 03 Mar 2025Ā 07:40:10Reported byĀ ManageEngineTypeĀ 
cvelist
Ā cvelistšŸ”—Ā www.cve.orgšŸ‘Ā 21Ā Views

Vulnerability in Zohocorp ManageEngine ADSelfService Plus allows account takeover via session mishandling.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the ManageEngine ADSelfService Plus password reset software, related to deficiencies in authentication procedures, allows a malicious individual to gain access to user accounts.
7 Mar 202500:00
ā€“bdu_fstec
Circl		CVE-2025-1723
3 Mar 202508:29
ā€“circl
CNNVD		ZOHO ManageEngine ADSelfService Plus ęŽˆęƒé—®é¢˜ę¼ę“ž
3 Mar 202500:00
ā€“cnnvd
CVE		CVE-2025-1723
3 Mar 202507:40
ā€“cve
EUVD		EUVD-2025-5812
3 Oct 202520:07
ā€“euvd
NCSC		Vulnerability fixed in Zohocorp ManageEngine ADSelfService Plus
3 Mar 202514:11
ā€“ncsc
NVD		CVE-2025-1723
3 Mar 202508:15
ā€“nvd
OSV		CVE-2025-1723
3 Mar 202508:15
ā€“osv
Positive Technologies		PT-2025-9278 Ā· Manageengine Ā· Zoho Manageengine Adselfservice Plus
26 Feb 202500:00
ā€“ptsecurity
RedhatCVE		CVE-2025-1723
7 Jan 202609:11
ā€“redhatcve
Rows per page
[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "ADSelfService Plus",
    "vendor": "ManageEngine",
    "versions": [
      {
        "lessThan": "6511",
        "status": "affected",
        "version": "0",
        "versionType": "6511"
      }
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Mar 2025 07:40Current
CVSS 3.18.1
EPSS0.0029
CWE-287
zohocorp manageengineaccount takeoversession mishandlingvulnerabilityvalid account holders.
21