Security Advisory

CVE-2019-12476

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-17 17:02:28

Last updated 2024-08-04 23:24:38

Assigner mitre

State PUBLISHED

Description

An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input.

← Browse all CVEs View on cve.org ↗