Unrated severityNVD Advisory· Published Jun 20, 2023· Updated Aug 2, 2024
CVE-2023-35854
CVE-2023-35854
Description
Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have "found no evidence or detail of a security vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zoho ManageEngine/ADSelfService Plusdescription
- Range: <=6113
Patches
Vulnerability mechanics
References
1- www.manageengine.commitre
News mentions
0No linked articles in our index yet.