Fix released for a vulnerability in ManageEngine ADAudit Plus

Fix released for a vulnerability in ManageEngine ADAudit Plus

An unauthorized arbitrary file write vulnerability (CVE-2021-42847) in ManageEngine ADAudit Plus, has been addressed recently. This post explains the vulnerability and the steps to fix it.  

 

What is the issue?

The vulnerability in ADAudit Plus lets anyone to write and execute arbitrary files in the system.

 

Whom does it affect?

Customers using ADAudit Plus builds 7005 and earlier are affected.

 

What is the severity level of this vulnerability?

This is a critical vulnerability.

 

What is the fix for this issue?

Upgrade the product to build 7006 or later versions using the service pack from here.

 

Support:

If you need additional information or help in performing the recommended steps, please reach out to us at support@adauditplus.com or +1 844 245 1101 (toll-free).