![]() ![]() The Rest API URLs are authenticated by a specific security filter in ADSelfService Plus.Īttackers used specially crafted Rest API URLs that were able to bypass this security filter due to an error in normalizing the URLs before validation. ![]() We were notified about an authentication bypass vulnerability in ADSelfService Plus affecting the REST API URLs that could result in remote code execution. We have partnered with Veracode, an independent application security company, to conduct manual pen tests on ADSelfService Plus so that we get a third-person perspective on the security footing of the solution. Our emergency support team will help you through a one-on-one session and manually run the tool, check for indicators of compromise, and answer all your questions. You can also sign up for a complementary vulnerability audit on this page. Have questions about this vulnerability? Check out our detailed FAQ page. For more information on the latest updates and the timeline of the vulnerability, you can visit this page. This page covers details of the vulnerability and an incident response plan if your system is affected. Versions affected.: ADSelfService Plus builds up to 6113įix: ADSelfService Plus build 6114 ( Sep 7, 2021) Security advisory - ADSelfService Plus authentication bypass vulnerability ![]() AD Free Tools Active Directory FREE Tools.AD360 Integrated Identity & Access Management.RecoveryManager Plus Enterprise backup and recovery tool.DataSecurity Plus File server auditing & data discovery.M365 Manager Plus Microsoft 365 Management & Reporting Tool.EventLog Analyzer Real-time Log Analysis & Reporting.Exchange Reporter Plus Exchange Server Auditing & Reporting. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |