Hi,

We wanted to let you know that ADAudit Plus builds have been reported to suffer a broken authentication vulnerability, when using SAML authentication. This article explains the issue and the steps to be followed to secure your ADAudit Plus instance. For more information on this, please refer to our ADAudit Plus Build 6077 release notes here. 

Broken authentication vulnerability in ManageEngine ADAudit Plus allows an attacker to impersonate a legitimate user through traffic manipulation when using SAML authentication.

All users using ADAudit Plus versions below 6077. 

The severity of this vulnerability was recognized to be high.

Follow these steps to update your ADAudit Plus:

Step 1: Stop ADAudit Plus. 

Step 2: Download the service pack for the latest build 6077 from this page. If you wish to download the complete build, you can do it from here.

Step 3: Apply the service pack by following the steps under "Instructions to apply Service Pack" section in this page. 

Step 4: Start ADAudit Plus.

Follow these steps to disable SAML Authentication:

Step 1: Login to your ADAudit Plus console.

Step 2: Go to Admin > Logon Settings > Single Sign On and uncheck the Enable Single Sign-on with Active Directory option.

If you need any additional information or if you face any issues in performing the recommended steps, please write to us at support@adauditplus.com. You can also call us at +1 844 245 1101 (toll-free).