cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ManageEngine ADSelfService Plus Vulnerability

TheGift73
Engaged Sweeper
Hi,

Is there a report for checking all machines in Lansweeper for any builds in our environment that are running build versions 6113 or below, as those are vulnerable to CVE-2021-40539 exploit which has been deemed as Critical.

Microsoft Blog (Incl IOC's if needed for report)

https://www.microsoft.com/security/blog/2021/11/08/threat-actor-dev-0322-exploiting-zoho-manageengine-adselfservice-plus/

ManageEngine Article:

https://www.manageengine.com/products/self-service-password/kb/how-to-fix-authentication-bypass-vulnerability-in-REST-API.html

If there is one available, could you please point me to it, as I have tried to find one, but unable to?

Regards,
1 REPLY 1

Esben_D
Lansweeper Employee
Lansweeper Employee
Unfortunately, I didn't have the time to create it. I'm assuming a software report that filters on a specific version will do the thick though.