PT-2023-26367 · Zoho · Zoho Manageengine Admanager Plus

Dalt4Sec

Publicado

2023-08-04

Atualizado

2023-08-09

CVE-2023-38332

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ADManager Plus versions through 7201

Description The issue allows authenticated users to take over another user's account via sensitive information disclosure. This can potentially lead to unauthorized access and control of user accounts.

Recommendations For versions through 7201, update to a version that contains a fix for this issue to prevent sensitive information disclosure and unauthorized account takeovers.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-38332

Produtos afetados

Zoho Manageengine Admanager Plus

PT-2023-26367 · Zoho · Zoho Manageengine Admanager Plus

CVE-2023-38332

Identificadores relacionados

Produtos afetados

Referências · 5