Lucene search
K

384 matches found

GithubExploit
GithubExploit
added 2024/10/16 11:23 a.m.249 views

Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus

ADSelfService-Plus-RCE-CVE-2021-40539 ADSelfService Plus RCE...

9.8CVSS7.5AI score0.9896EPSS
Exploits8
GithubExploit
GithubExploit
added 2024/10/12 9:9 a.m.449 views

Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus

CVE-2021-40539 CVE-2021-40539: ADSelfService Plus RCE Vuln...

9.8CVSS7.4AI score0.9896EPSS
Exploits8
GithubExploit
GithubExploit
added 2024/10/12 9:1 a.m.386 views

Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus

CVE-2021-40539 CVE-2021-40539: ADSelfService Plus RCE Vulner...

9.8CVSS7.4AI score0.9896EPSS
Exploits8
NVD
NVD
added 2024/05/27 6:15 p.m.20 views

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...

6.5CVSS5.3AI score0.02274EPSS
Exploits0References1
OSV
OSV
added 2024/05/27 6:15 p.m.3 views

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...

6.5CVSS5.8AI score0.02274EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/27 5:26 p.m.39 views

CVE-2024-27310 DOS Vulnerability

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...

5.3CVSS5.3AI score0.02274EPSS
Exploits0References1
CVE
CVE
added 2024/05/27 5:26 p.m.87 views

CVE-2024-27310

CVE-2024-27310 affects Zoho ManageEngine ADSelfService Plus prior to version 6401. The vulnerability arises from malicious LDAP input causing a denial-of-service condition, impacting availability (per CVE metrics). Connected sources corroborate that versions below 6401 are vulnerable; no explicit...

6.5CVSS5.3AI score0.02274EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/27 12:0 a.m.4 views

ZOHO ManageEngine ADSelfService Plus 安全漏洞

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6401 and prior versions, which stems from susceptibility to...

6.5CVSS6.5AI score0.02274EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.7 views

The vulnerability of the ManageEngine ADSelfService Plus password reset software lies in the lack of authentication for a critical function, allowing attackers to escalate their privileges.

The vulnerability of the ManageEngine ADSelfService Plus password reset software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain elevated privileges remotely...

9CVSS7.6AI score0.07814EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.24 views

ManageEngine ADSelfService Plus < build 6402 Authenticated RCE

According to its self-reported version, the ManageEngine ADSelfService Plus application running on the remote host is prior to build 6402. It is, therefore, affected by an authenticated remote code execution vulnerability in the load balancer component of ADSelfService Plus. All ADSelfService Plu...

8.8CVSS8.7AI score0.07814EPSS
Exploits0References2
NVD
NVD
added 2024/01/11 8:15 a.m.25 views

CVE-2024-0252

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

8.8CVSS9.1AI score0.07814EPSS
Exploits0References1
OSV
OSV
added 2024/01/11 8:15 a.m.6 views

CVE-2024-0252

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

8.8CVSS6.3AI score0.07814EPSS
Exploits0References1
Prion
Prion
added 2024/01/11 8:15 a.m.18 views

Remote code execution

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

6.5CVSS8.1AI score0.07814EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/11 7:57 a.m.2 views

CVE-2024-0252 Remote code execution

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

8.8CVSS9.1AI score0.07814EPSS
Exploits0References1
CVE
CVE
added 2024/01/11 7:57 a.m.73 views

CVE-2024-0252

ManageEngine ADSelfService Plus, versions 6401 and below, are affected by an authenticated remote code execution vulnerability in the load balancer component. CVE-2024-0252 is described across NVD/Red Hat and related feeds with an impact assessed as High (CVSS v3.1: 8.8, Network, Privileges Requi...

8.8CVSS9AI score0.07814EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/11 7:57 a.m.44 views

CVE-2024-0252 Remote code execution

ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...

8.8CVSS9.3AI score0.07814EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.7 views

ZOHO ManageEngine ADSelfService Plus Security Vulnerability

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6401 and prior versions, which stems from a remote code...

8.8CVSS8.2AI score0.07814EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/27 12:0 a.m.4 views

PT-2023-9278 · Zoho · Zoho Manageengine Adselfservice Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADSelfService Plus versions below 6401 Description: The issue is related to an uncontrolled resource consumption in the password reset software, which can be exploited by a remote attacker to cause a denial of service. The...

6.5CVSS7.3AI score0.02274EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2023/09/06 5:15 a.m.6 views

CVE-2023-35719

ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not...

6.8CVSS7.1AI score0.26426EPSS
Exploits0References3
Prion
Prion
added 2023/09/06 5:15 a.m.22 views

Authentication flaw

ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not...

4.6CVSS7AI score0.26426EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder