Description
ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for Active Directory and cloud applications.
ManageEngine ADSelfService Plus builds 6113 and below have an authentication bypass vulnerability in REST API. An unauthenticated attacker could exploit this vulnerability to take control of an affected system.
Remediation
Upgrade to the latest version of ManageEngine ADSelfService Plus
References
Related Vulnerabilities
WordPress Plugin Livemesh SiteOrigin Widgets Security Bypass (2.5.1)
WordPress Plugin Advance Menu Manager Security Bypass (3.0)
WordPress Plugin Titan Anti-spam & Security Security Bypass (7.3.0)
WordPress Plugin Premmerce Wholesale Pricing for WooCommerce Security Bypass (1.1.3)
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11)