CVE-2021-20147
CVE-2021-20147
ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists.
Productos afectados
n/a · ManageEngine ADSelfService Plus¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →