Vulnerability CVE-2023-31492


Published: 2023-08-17   Modified: 2023-08-18

Description:
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated attackers to view user passwords after executing backup or recovery operations on user accounts.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
ManageEngine ADManager Plus Recovery Password Disclosure
Metin Yunus Kand...
15.02.2024

 References:
https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md

Copyright 2024, cxsecurity.com

 

Back to Top