ADManager Plus security vulnerabilities

ADManager Plus security vulnerabilities

Read about ManageEngine's security policies, which extend to all its products.

Note: ADManager Plus releases backend patches to address any major vulnerabilities. You will be able to view these updates under the bell icon in the product console.

This page lists the recently reported security vulnerabilities related to ADManager Plus.

  • User enumeration without authentication

    The Employee Search feature in ADManager Plus is enabled by default, so malicious users can exploit this and gain unauthorized access to the data.

    For more information on this vulnerability and steps to address it, refer to this security advisory document.

  • Unauthenticated change to integration system vulnerability

    ADManager Plus had an integration system vulnerability that an attacker could exploit to introduce unauthenticated changes to product integrations.

    To learn more about this issue and take steps to take to mitigate it, refer to this security advisory document.



      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                    • Related Articles

                    • How to identify and combat unrestricted file upload, path traversal and broken authentication vulnerabilities in ADManager Plus

                      ADManager Plus builds have been reported to suffer unrestricted file upload, path traversal and broken authentication vulnerabilities, leading to potential unauthenticated remote code execution. For more information on these vulnerabilities and their ...

                    • How to integrate ADManager Plus with ServiceDesk Plus?

                      Objective: To integrate ADManager Plus with ServiceDesk Plus Solution: The ADManager Plus-ServiceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ...

                    • How to integrate ADManager Plus with ServiceDesk Plus

                      The ADManager Plus-SeviceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ServiceDesk Plus console, administrators or help desk technicians can perform ...

                    • How to move ADManager Plus to a new folder

                      Objective: To move the ADManager Plus installation folder from its current location to a new location. Important: Check the build number of your current ADManager Plus installation (Log into ADManager Plus > Click the License link located in the ...

                    • How to install ADManager Plus in AWS

                      Steps to install ADManager Plus in Amazon Web Services EC2 instance: Logon to your Amazon Web Services (AWS) account. Select the configured EC2 instance and click the connect button. Connect to your Windows instance using: RDP client by downloading ...

                      Related Products