Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF.
References
Link | Resource |
---|---|
https://www.manageengine.com | Product |
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release | Patch Vendor Advisory |
https://blog.stmcyber.com/vulns/cve-2021-37419/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-09-21 06:15
Updated : 2022-03-18 13:43
NVD link : CVE-2021-37419
Mitre link : CVE-2021-37419
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
zohocorp
- manageengine_admanager_plus