CVE-2010-3272
Published: 2011-02-17
Priority: P4 31 · CVSS 2.0: 4.3 (medium)
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploit
EPSS: 4.02% (89.3rd percentile)
accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide_Captcha or (2) quesList parameter in a validateAll action.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zohocorp | manageengine_adselfservice_plus | <= 4.4 | — |
Suricata
ET WEB_SPECIFIC_APPS Possible ZOHO ManageEngine ADSelfService Captcha Bypass Attempt
suricata · 2011-06-09
Rule (sid 2012979, rev 4; the metadata field is truncated in the indexed copy):
```
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Possible ZOHO ManageEngine ADSelfService Captcha Bypass Attempt"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:"/accounts/ValidateAnswers?methodToCall=validateAll"; nocase; fast_pattern; http.request_body; content:"&Hide_Captcha=0"; nocase; content:"&LOGIN_NAME="; nocase; distance:0; content:"&quesList="; nocase; distance:0; reference:url,www.coresecurity.com/content/zoho-manageengine-vulnerabilities; reference:cve,2010-3272; classtype:web-application-attack; sid:2012979; rev:4; metadata:created_at 2011_06_09, cve CVE_2010_3272, confidence Medium, signature_severity Major, updated_at 2020_1
```
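To make the detection logic of the Suricata signature above concrete, here is an added Python emulation of its match conditions (method, URI and the `distance:0` chain of request-body `content` matches with `nocase`). It is example code written for this page, not part of Emerging Threats or the page's own material; the sample HTTP requests, hostnames and parameter values are constructed for the demonstration, and `flow:established,to_server` and `fast_pattern` are not modelled because they concern TCP state and matcher performance rather than what the rule matches.

```python
from typing import Optional, Tuple

# Strings copied from the Suricata rule on this page (sid 2012979).
RULE_URI = "/accounts/ValidateAnswers?methodToCall=validateAll"
RULE_BODY_CHAIN = ("&Hide_Captcha=0", "&LOGIN_NAME=", "&quesList=")


def parse_request(raw: bytes) -> Optional[Tuple[str, str, str]]:
    """Split a raw HTTP/1.x request into (method, uri, body).

    Minimal parser for the demonstration: headers are only used to locate
    the blank line that separates them from the body.
    """
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        head, sep, body = raw.partition(b"\n\n")
    request_line = head.split(b"\n", 1)[0].strip()
    parts = request_line.split()
    if len(parts) < 2:
        return None
    return (parts[0].decode("latin-1"),
            parts[1].decode("latin-1"),
            body.decode("latin-1"))


def ordered_nocase_chain(haystack: str, needles) -> bool:
    """Emulate consecutive Suricata `content` matches joined by `distance:0`.

    Each needle must begin at or after the end of the previous match, so the
    order of the parameters in the body matters. Lower-casing both sides
    mirrors `nocase`.
    """
    hay = haystack.lower()
    pos = 0
    for needle in needles:
        idx = hay.find(needle.lower(), pos)
        if idx < 0:
            return False
        pos = idx + len(needle)
    return True


def matches_sid_2012979(raw: bytes) -> bool:
    """True when a request satisfies the rule's method, URI and body conditions."""
    parsed = parse_request(raw)
    if parsed is None:
        return False
    method, uri, body = parsed
    if method.upper() != "POST":            # http.method; content:"POST"; nocase
        return False
    if RULE_URI.lower() not in uri.lower():  # http.uri; content:"..."; nocase
        return False
    return ordered_nocase_chain(body, RULE_BODY_CHAIN)  # http.request_body chain


# Constructed sample traffic (hostnames and values are made up for the example).
SAMPLES = {
    # Matches every condition of the signature.
    "suspicious": (
        b"POST /accounts/ValidateAnswers?methodToCall=validateAll HTTP/1.1\r\n"
        b"Host: adss.example.test\r\n"
        b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
        b"action=validate&Hide_Captcha=0&LOGIN_NAME=jdoe&quesList=1,2&ans1=x&ans2=y"
    ),
    # Same endpoint, but the body never carries Hide_Captcha=0: no alert.
    "normal_validate": (
        b"POST /accounts/ValidateAnswers?methodToCall=validateAll HTTP/1.1\r\n"
        b"Host: adss.example.test\r\n\r\n"
        b"action=validate&LOGIN_NAME=jdoe&quesList=1,2&captcha=abcd"
    ),
    # All three markers present but quesList precedes LOGIN_NAME, so the
    # distance:0 chain fails: shows that the rule is order-sensitive.
    "out_of_order": (
        b"POST /accounts/ValidateAnswers?methodToCall=validateAll HTTP/1.1\r\n"
        b"Host: adss.example.test\r\n\r\n"
        b"a=1&quesList=1,2&Hide_Captcha=0&LOGIN_NAME=jdoe"
    ),
    # Wrong method: http.method content:"POST" does not match.
    "get_request": (
        b"GET /accounts/ValidateAnswers?methodToCall=validateAll HTTP/1.1\r\n"
        b"Host: adss.example.test\r\n\r\n"
    ),
}


def scan(samples=SAMPLES):
    """Return the names of the samples that would trigger the signature."""
    return [name for name, raw in samples.items() if matches_sid_2012979(raw)]


if __name__ == "__main__":
    print("alerting samples:", scan())
```

The `out_of_order` sample is the instructive one: every literal the rule looks for is present, yet the signature stays silent because `distance:0` makes each `content` match relative to the previous one. When tuning or porting a rule like this, keep that relative-ordering semantics in mind rather than treating the three `content` keywords as independent substring checks.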
No writeups or analysis indexed.
http://secunia.com/advisories/43241
http://securityreason.com/securityalert/8089
http://www.coresecurity.com/content/zoho-manageengine-vulnerabilities
http://www.osvdb.org/70870
http://www.securityfocus.com/archive/1/516396/100/0/threaded
http://www.securityfocus.com/bid/46331
http://www.vupen.com/english/advisories/2011/0392
https://exchange.xforce.ibmcloud.com/vulnerabilities/65350