Unrated severityNVD Advisory· Published May 20, 2022· Updated Aug 3, 2024
CVE-2022-28987
CVE-2022-28987
Description
Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zoho/ManageEngine ADSelfService Plusdescription
- Range: <6202
Patches
Vulnerability mechanics
References
3- github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.mdmitrex_refsource_MISC
- github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.pymitrex_refsource_MISC
- www.manageengine.com/products/self-service-password/advisory/CVE-2022-28987.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.