How to fix the unauthenticated product integration vulnerability

How to fix the unauthenticated product integration vulnerability


Hello Everyone,

We wanted to let you know that a security vulnerability was detected in Exchange Reporter Plus and we have fixed it. This article explains how you can fix this issue.

What is the issue?

Exchange Reporter Plus had a vulnerable endpoint which allowed a user to integrate Exchange Reporter Plus with any other supported ManageEngine product, bypassing authentication. This could lead to data leak.

Which version of Exchange Reporter Plus is affected?

All Exchange Reporter Plus builds below 5510 are affected.

What is the severity level of the vulnerability?

This is a critical issue. As this vulnerability could be exploited without authentication, from any publicly exposed Exchange Reporter Plus installation, the risks posed could be critical.

Is there a fix for this issue?

Update the product to the latest build, 5510, using the service pack.

If you need further information, have any questions, or face any difficulties upgrading or performing the recommended steps, please get in touch with us at 
support@exchangereporterplus.com, or +1 408-916-9891 (toll free).
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products