CVE-2021-40539

Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability

Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution. Vendor/Product: Zoho ManageEngine. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2021-40539