Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-88252
HistoryAug 31, 2021 - 12:00 a.m.

Zoho ManageEngine ADSelfService Plus Access Control Error Vulnerability

2021-08-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
zoho manageengine
adselfservice plus
access control
vulnerability
web-based
end-user
password management
software
exploitation
x-forwarded-for
header
cnvd

EPSS

0.037

Percentile

91.8%

JSON

ZOHO zoho manageengine adselfservice plus is a web-based end-user password management software from ZOHO. zoho ManageEngine ADSelfService Plus 6103 and earlier versions are vulnerable to an access control error that could be exploited by an attacker via the X The vulnerability can be exploited to bypass management portal access restrictions via the X-Forwarded-For header.

Related

cvelist 1
nvd 1
prion 1
cve 1
thn 1
cvelist
cvelist
CVE-2021-37421
2021-08-30 18:30:22
nvd
nvd
CVE-2021-37421
2021-08-30 19:15:09
prion
prion
Design/Logic Flaw
2021-08-30 19:15:00
cve
cve
CVE-2021-37421
2021-08-30 19:15:09
thn
thn
CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability
2021-09-09 05:45:00

EPSS

0.037

Percentile

91.8%

JSON
Related for CNVD-2021-88252
cvelist1nvd1prion1cve1thn1