4 matches found
ManageEngine ADAudit Plus < Build 8703 Account Takeover (CVE-2026-11374)
The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8703. It is, therefore, affected by an account takeover vulnerability: - The SSO tickets generated to authenticate a session could be predicted by an unauthenticated user, leading to account takeover...
CVE-2026-11374 Account Takeover via Predictable SSO Ticket Generation
In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session could be predicted by an unauthenticated user, leading to account takeover...
CVE-2026-11374 Account Takeover via Predictable SSO Ticket Generation
In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session could be predicted by an unauthenticated user, leading to account takeover...
PT-2026-51487
Name of the Vulnerable Software and Affected Versions ADSelfService Plus versions prior to 6529 RecoveryManager Plus versions prior to 6321 M365 Manager Plus versions prior to 4817 ADAudit Plus versions prior to 8703 Description In ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and...