First published: Tue Sep 21 2021(Updated: )
Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine ADManager Plus | <6.1 | |
Zohocorp ManageEngine ADManager Plus | =6.1 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6100 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6101 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6102 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6103 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6104 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6105 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6106 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6107 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6108 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6109 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6110 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6111 |
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37419 is a vulnerability in Zoho ManageEngine ADSelfService Plus before version 6.1.12 that allows for Server-Side Request Forgery (SSRF).
CVE-2021-37419 has a severity rating of 7.5 (high).
Zoho ManageEngine ADSelfService Plus versions before 6.1.12 are affected by CVE-2021-37419.
To fix CVE-2021-37419, upgrade to Zoho ManageEngine ADSelfService Plus version 6.1.12 or higher.
For more information about CVE-2021-37419, you can refer to the following resources: [link 1](https://blog.stmcyber.com/vulns/cve-2021-37419/), [link 2](https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release), [link 3](https://www.manageengine.com).