ADSelfService Plus 6114 Security Fix Release

ADSelfService Plus 6114 Security Fix Release

Important announcement:

 

The latest build of ADSelfService Plus, 6114, has been released, and it fixes the authentication bypass vulnerability [CVE-2021-40539], apart from bringing new features and improvements. Below is a list of all the updates:

 

Security Issue Fix:

  • An authentication bypass vulnerability affecting REST API URLs, that could result in Remote Code Execution, has now been fixed. [CVE-2021-40539]

            Severity: Critical

            

Note: As we are noticing indications of exploitation of this vulnerability, we strongly advise customers to update their installations to the latest build as soon as possible.

 

Feature:

  • SAML SSO support for ServiceDesk Plus: ADSelfService Plus now supports single-sign on  (SSO) to the on-premises version of ManageEngine ServiceDesk Plus.

Enhancement:

  • Migrated from JavaPNS to Pushy library (v0.14.1) and from NotNoop to Pushy library (v0.14.1), for sending iOS notifications and  pushing the mobile application respectively, when the MDM profile is installed.

 

How to update?

You can update to the latest build using the service pack. Instructions on how to install the service pack are also given on the page.




      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products