Direct Inward Dialing: +1 408 916 9393
|Affected software version||7202 and older|
|Fixed on||July 30, 2023|
The CVE- 2023-41904 refers to an issue in ADManager Plus versions 7202 and older where the REST APIs were accessible without proper 2FA verification.This has been fixed in the build 7203 and its release notes can be found here.
Authtokens used for the REST API request can be generated without the 2FA. Learn more about the generation of REST API AuthToken here.
Update your ADManager Plus instance to its latest build by installing the service pack.
This vulnerability was reported by the Vector0 Research Team.
Select a language to translate the contents of this web page:
Fill this form, and we'll contact you rightaway.
Our technical support team will get in touch with you at the earliest."