CVE-2022-29457 | Zoho ManageEngine ADSelfService Plus Configuration information disclosure (EDB-50904)
A vulnerability was found in Zoho ManageEngine ADSelfService Plus, ADAuditPlus, Exchange Reporter Plus and ADManagerPlus and classified as problematic. Affected by this issue is some unknown functionality of the component Configuration Handler. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2022-29457. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.