CVE-2021-20148

CWE-552 — Files Accessible to External Parties CWE-200 — Information Exposure3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.3%

top 48.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zohocorp Manageengine Adselfservice Plus

Timeline

PublishedJan 3

Latest updateJan 4

Description

ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name. When ADSSP is configured with multiple Windows domains, a user from one domain can obtain the password policy for another domain by authenticating to the service and then sending a request specifying the password policy file of the other domain.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5manageengine_adselfservice_plus< 6116

▶NVDzohocorp/manageengine_adselfservice_plus6.0+1

🔴Vulnerability Details

GHSA

GHSA-9gjj-g26q-4xmj: ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename↗2022-01-04

▶

CVEList

CVE-2021-20148: ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename↗2022-01-03

▶