First published: Tue Sep 21 2021(Updated: )
Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine ADManager Plus | <6.1 | |
Zohocorp ManageEngine ADManager Plus | =6.1 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6100 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6101 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6102 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6103 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6104 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6105 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6106 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6107 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6108 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6109 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6110 | |
Zohocorp ManageEngine ADManager Plus | =6.1-6111 |
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37420 is a vulnerability in Zoho ManageEngine ADSelfService Plus before 6112 that allows for mail spoofing.
CVE-2021-37420 has a severity rating of 6.5 (medium).
CVE-2021-37420 affects Zoho ManageEngine ADSelfService Plus versions up to and including 6.1.
To fix CVE-2021-37420, update to version 6.1-6112 or later of Zoho ManageEngine ADSelfService Plus.
You can find more information about CVE-2021-37420 at the following sources: [link1], [link2], [link3].