Fixed Ciphering Keys in Zoho ManageEngine ADSelfService Plus 5.x Allows for Data Decryption
CVE-2019-7161 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses fixed ciphering keys to protect information, giving the capacity for an attacker to decipher any protected data.
Learn more about our Web Application Penetration Testing UK.