Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input.
History

Wed, 27 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.4:6400:*:*:*:*:*:*

Tue, 08 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Zohocorp
Zohocorp manageengine Adselfservice Plus
CPEs cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*
Vendors & Products Zohocorp
Zohocorp manageengine Adselfservice Plus
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 07 Oct 2024 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400

Mon, 07 Oct 2024 20:00:00 +0000

Type Values Removed Values Added
Description Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP query. Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input.
Weaknesses CWE-90

cve-icon MITRE

Status: PUBLISHED

Assigner: ManageEngine

Published: 2024-05-27T17:26:14.229Z

Updated: 2024-10-07T19:44:05.359Z

Reserved: 2024-02-23T06:13:18.186Z

Link: CVE-2024-27310

cve-icon Vulnrichment

Updated: 2024-08-02T00:27:59.865Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-27T18:15:09.693

Modified: 2024-11-27T16:25:10.307

Link: CVE-2024-27310

cve-icon Redhat

No data.