PT-2021-19558 · Zoho · Zoho Manageengine Adselfservice Plus

Krzysztof Andrusiak

+1

·

Published

2021-07-02

·

Updated

2022-04-12

·

CVE-2021-31874

CVSS v3.1

5.9

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADSelfService Plus versions prior to 6104
Description: The issue allows attackers to obtain sensitive information about the password-sync database application in rare situations.
Recommendations: For versions prior to 6104, update to version 6104 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-31874

Affected Products

Zoho Manageengine Adselfservice Plus