Direct Inward Dialing: +1 408 916 9393
Vulnerability Details | |
Severity | High |
CVE ID | CVE-2024-24409 |
Affected software version | 7203 and older |
Fixed version | 7210 |
Fixed on | September 29, 2023 |
The CVE-2024-24409 refers to an issue in ADManager Plus versions 7203 and older. The built-in help desk roles, specifically the Modify Computers role for managing custom attributes of computers, were misconfigured. This issue has been fixed in build 7210, and the release notes can be found here.
Technicians with the Modify Computers role were previously able to manage Additional Custom Attribute for computers in ADManager Plus due to misconfigured permissions. This issue has now been resolved by implementing proper access control mechanisms.
Update your ADManager Plus instance to its latest build by installing the service pack.
This vulnerability was reported by Metin.
Select a language to translate the contents of this web page:
Fill this form, and we'll contact you rightaway.
Our technical support team will get in touch with you at the earliest."