CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2021-37423

CVSS 9.8v3.1pub. 2021-09-10upd. 2024-11-21

Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zohocorp Manageengine Adselfservice Plus

    APP
    Zohocorp
    6.1< 6.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-47966CRITICAL9.8⚠ KEVten sam produkt

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code exec...

CVE-2021-40539CRITICAL9.8⚠ KEVten sam produkt

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass wi...

CVE-2025-11250CRITICAL9.1PL ✓ten sam produkt

Authentication Bypass w Zohocorp ManageEngine ADSelfService Plus

CVE-2023-35854CRITICAL9.8ten sam produkt

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal ...

CVE-2022-36413CRITICAL9.1ten sam produkt

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a passwo...