Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/167051/ManageEngine-ADSelfService-Plus-Build-6118-NTLMv2-Hash-Exposure.html | Exploit Third Party Advisory VDB Entry |
https://docs.unsafe-inline.com/0day/multiple-manageengine-applications-critical-information-disclosure-vulnerability | Exploit Patch Third Party Advisory |
https://www.manageengine.com/products/self-service-password/release-notes.html | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-18T19:47:07
Updated: 2022-05-11T19:06:16
Reserved: 2022-04-18T00:00:00
Link: CVE-2022-29457
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-18T20:15:09.263
Modified: 2022-09-30T13:08:20.750
Link: CVE-2022-29457
JSON object: View
Redhat Information
No data.
CWE