Vulnerabilities

CVE-2021-20147

by Fred · 03/01/2022

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists.

Date published : 2022-01-03

https://www.tenable.com/security/research/tra-2021-52

Similar

Tags: Cybersecurity Alert