CVE-2021-40539 - Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability
Project:Zoho
Product:ManageEngine
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability
Description
Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-40539