Unrated severityNVD Advisory· Published Jun 17, 2019· Updated Aug 4, 2024
CVE-2019-12476
CVE-2019-12476
Description
An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zoho/ManageEngine ADSelfService Plusdescription
- Range: <5.0.6
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/108813mitrevdb-entryx_refsource_BID
- gist.github.com/0katz/54167ba30ea361f3776e269bb7b1afb3mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.