CVE-2025-1723

EPSS 0.03%
Published 03.03.2025 08:15:15
Last modified 30.09.2025 15:01:26
Source 0fc0942c-577d-436f-ae8e-945763
Teams watchlist Login
Open Login

Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only have the potential to exploit this bug.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Zohocorp ≫ Manageengine Adselfservice Plus Version < 6.5

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6500

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6501

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6502

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6503

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6504

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6505

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6506

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6507

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6508

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6509

Zohocorp ≫ Manageengine Adselfservice Plus Version6.5 Update6510

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.054

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
0fc0942c-577d-436f-ae8e-945763c79b02	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://www.manageengine.com/products/self-service-password/advisory/CVE-2025-1723.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-1723

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1723

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1723

EUVD