CVE-2021-20147 is a vulnerability in Zoho Corp Manageengine Adselfservice Plus
Published on January 3, 2022

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists.

NVD

Products Associated with CVE-2021-20147

Want to know whenever a new CVE is published for Zoho Corp Manageengine Adselfservice Plus? stack.watch will email you.

Zoho Corp Manageengine Adselfservice Plus

Exploit Probability

EPSS

18.03%

Percentile

95.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-20147 is a vulnerability in Zoho Corp Manageengine Adselfservice PlusPublished on January 3, 2022

Products Associated with CVE-2021-20147

Exploit Probability

CVE-2021-20147 is a vulnerability in Zoho Corp Manageengine Adselfservice Plus
Published on January 3, 2022