432 matches found
CVE-2023-35785
CVE-2023-35785 is a TFA bypass vulnerability affecting Zoho ManageEngine Active Directory 360, ADAudit Plus, ADManager Plus, Asset Explorer, Cloud Security Plus, Data Security Plus, Eventlog Analyzer, Exchange Reporter Plus, Log360, Log360 UEBA, M365 Manager/Security Plus, Recovery Manager Plus, ...
The vulnerability of the software for managing Active Directory services, Zoho ManageEngine ADManager Plus, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Zoho ManageEngine ADManager Plus software for managing Active Directory services is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information—suc...
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...
Default credentials
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...
CVE-2023-31492
CVE-2023-31492 affects Zoho ManageEngine ADManager Plus builds 7182 and earlier. The issue stems from improper access control in the Recovery/Backup workflow, which can allow an authenticated user to view or retrieve default passwords used for account restoration of unauthorized domains during ba...
ZOHO ManageEngine ADManager Plus 安全漏洞
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
Information disclosure
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
ZOHO ManageEngine ADManager Plus Security Vulnerability
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks such as batch management of user accoun...
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...
CVE-2023-38332
Summary: Zoho ManageEngine ADManager Plus up to version 7.2 Build 7201 contains an unauthorized access vulnerability that could allow an authenticated user to take over another user’s account via sensitive information disclosure. Root cause / impact: improper access control enabling account takeo...
PT-2023-4674 · Zoho · Zoho Manageengine Admanager Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADManager Plus versions prior to 7203 Description: The issue is related to inadequate access control in the Zoho ManageEngine ADManager Plus software, which can be exploited by a remote attacker to gain unauthorized access t...
CVE-2023-35786
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...
CVE-2023-35786
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...