Direct Inward Dialing: +1 408 916 9393
|Affected software versions||7201 and older|
|Fixed on||July 01, 2023|
ADManager Plus builds 7201 and older are reported to have a security vulnerability which can be exploited by 2FA-enabled technicians to gain access to other privileged accounts. This has been fixed in the build 7202; its release notes can be found here.
2FA-enabled technicians can gain access to other privileged accounts by crafting an API request.
Update your ADManager Plus instance to its latest build by installing the service pack.
This issue was reported by dalt4sec via Zoho's Bug Bounty program.
Select a language to translate the contents of this web page:
Fill this form, and we'll contact you rightaway.
Our technical support team will get in touch with you at the earliest."