Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application.
References
Link | Resource |
---|---|
https://blog.stmcyber.com/vulns/cve-2021-31874/ | Exploit Third Party Advisory |
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6104-released-with-an-important-security-fixes | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Apr 2022, 18:41
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://blog.stmcyber.com/vulns/cve-2021-31874/ - Exploit, Third Party Advisory |
02 Mar 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 Jul 2021, 17:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.9 |
References | (MISC) https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6104-released-with-an-important-security-fixes - Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* |
02 Jul 2021, 18:21
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-02 18:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-31874
Mitre link : CVE-2021-31874
CVE.ORG link : CVE-2021-31874
JSON object : View
Products Affected
zohocorp
- manageengine_adselfservice_plus
CWE