425 matches found
CVE-2025-1723 Account takeover
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only have the potential to exploit this bug...
ZOHO ManageEngine ADSelfService Plus 授权问题漏洞
ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6510 and prior versions that stems from improper session...
PT-2025-9278 · Manageengine · Zoho Manageengine Adselfservice Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADSelfService Plus versions 6510 and below Description: The issue is related to session mishandling, which can lead to account takeover. Valid account holders in the setup only have the potential to exploit this bug. The...
CVE-2024-0252
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...
Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus
ADSelfService-Plus-RCE-CVE-2021-40539 ADSelfService Plus RCE...
Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus
CVE-2021-40539 CVE-2021-40539: ADSelfService Plus RCE Vuln...
Exploit for Use of Incorrectly-Resolved Name or Reference in Zohocorp Manageengine_Adselfservice_Plus
CVE-2021-40539 CVE-2021-40539: ADSelfService Plus RCE Vulner...
The vulnerability of the ManageEngine ADSelfService Plus software for password reset functions, due to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of the ManageEngine ADSelfService Plus password reset software is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
CVE-2024-27310
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310
CVE-2024-27310 affects Zoho ManageEngine ADSelfService Plus prior to version 6401. The vulnerability arises from malicious LDAP input causing a denial-of-service condition, impacting availability (per CVE metrics). Connected sources corroborate that versions below 6401 are vulnerable; no explicit...
CVE-2024-27310 DOS Vulnerability
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310 DOS Vulnerability
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
ZOHO ManageEngine ADSelfService Plus 安全漏洞
ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6401 and prior versions, which stems from susceptibility to...
The vulnerability of the ManageEngine ADSelfService Plus password reset software lies in the lack of authentication for a critical function, allowing attackers to escalate their privileges.
The vulnerability of the ManageEngine ADSelfService Plus password reset software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain elevated privileges remotely...
ManageEngine ADSelfService Plus < build 6402 Authenticated RCE
According to its self-reported version, the ManageEngine ADSelfService Plus application running on the remote host is prior to build 6402. It is, therefore, affected by an authenticated remote code execution vulnerability in the load balancer component of ADSelfService Plus. All ADSelfService Plu...
CVE-2024-0252
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...
CVE-2024-0252
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...
Remote code execution
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...
CVE-2024-0252 Remote code execution
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability...