This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ManageEngine ADSelfService Plus Vulnerability

TheGift73
Engaged Sweeper

‎11-30-2021 10:25 AM

Hi,

Is there a report for checking all machines in Lansweeper for any builds in our environment that are running build versions 6113 or below, as those are vulnerable to CVE-2021-40539 exploit which has been deemed as Critical.

Microsoft Blog (Incl IOC's if needed for report)

https://www.microsoft.com/security/blog/2021/11/08/threat-actor-dev-0322-exploiting-zoho-manageengine-adselfservice-plus/

ManageEngine Article:

https://www.manageengine.com/products/self-service-password/kb/how-to-fix-authentication-bypass-vulnerability-in-REST-API.html

If there is one available, could you please point me to it, as I have tried to find one, but unable to?

Regards,
Labels:
0 Kudos
1 REPLY 1
Esben_D
Lansweeper Employee
Lansweeper Employee

‎12-07-2021 01:21 PM

Unfortunately, I didn't have the time to create it. I'm assuming a software report that filters on a specific version will do the thick though.
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now