logo

CVE-2022-28810 - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability

CVE-2022-28810

Zoho | ManageEngine

  • Date Added:
  • 2023-03-07
  • Due Date:
  • 2023-03-28
Vulnerability Name

Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability

Description

Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html; https://nvd.nist.gov/vuln/detail/CVE-2022-28810

Free online web security scanner