This issue allows remote attackers to cause a denial of service (application restart) via a crafted payload to the Mobile App Deployment API. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6204. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6205. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6206. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6207. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue
Mitigation
& Risk Assessment
Zoho ManageEngine ADSelfService Plus is vulnerable to this issue due to the default configuration. Zoho ManageEngine ADSelfService Plus makes extensive use of network monitoring and therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifiers CVE-2019-6204, CVE-2019-6205, CVE-2019-6206 and CVE-2019-6207.
Summary
This issue allows attackers to cause a denial of service (application restart) via a crafted payload to the Mobile App Deployment API.
Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service.
Alert Logic - CVE-2019-6208
This issue allows remote attackers to cause a denial of service (application restart) via an HTTP request. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6208. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6209. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service. This issue has been assigned the identifier CVE-2019-6210. Network monitoring is enabled by default in Zoho ManageEngine ADSelfService Plus. Therefore, if an attacker can control or monitor the availability of the application via the network, they can cause a denial of service.
Timeline
Published on: 07/04/2022 20:15:00 UTC
Last modified on: 07/13/2022 13:34:00 UTC