Manageengine Adselfservice Plus
5 CVEs affecting Manageengine Adselfservice Plus. Latest disclosed: 2025-05-14. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0252 | High | 8.8 | 2024-01-11 | ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component… |
CVE-2025-3833 | High | 8.1 | 2025-05-14 | Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports. |
CVE-2025-1723 | High | 8.1 | 2025-03-03 | Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in th… |
CVE-2023-35719 | Medium | 6.8 | 2023-09-06 | ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physi… |
CVE-2024-27310 | Medium | 5.3 | 2024-05-27 | Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input. |