{"id":20467,"date":"2025-04-09T20:27:32","date_gmt":"2025-04-09T20:27:32","guid":{"rendered":""},"modified":"2025-05-29T12:38:11","modified_gmt":"2025-05-29T18:38:11","slug":"cve-2024-0252-remote-code-execution-rce-vulnerability-in-manageengine-adselfservice-plus","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2024-0252-remote-code-execution-rce-vulnerability-in-manageengine-adselfservice-plus\/","title":{"rendered":"CVE-2024-0252<strong>:<\/strong> Remote code execution (RCE) vulnerability in ManageEngine ADSelfService Plus"},"content":{"rendered":"<p class=\"\" data-start=\"0\" data-end=\"164\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">In January 2024, a critical security vulnerability was identified in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution for Active Directory and cloud applications.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">This vulnerability, designated as <strong data-start=\"34\" data-end=\"51\">CVE-2024-0252<\/strong>, allows authenticated users to execute arbitrary code remotely on the system where ADSelfService Plus is installed.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">This blog post provides an in-depth analysis of the vulnerability, its potential impact, and recommended mitigation strategies.<\/span><\/p>\n<h2 class=\"\" data-start=\"171\" data-end=\"201\">Understanding CVE-2024-0252<\/h2>\n<p class=\"\" data-start=\"203\" data-end=\"524\"><strong data-start=\"203\" data-end=\"220\">CVE-2024-0252<\/strong> is a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-21625-critical-remote-code-execution-vulnerability-in-network-protocol\/\"  data-wpil-monitor-id=\"24234\">remote code execution<\/a> (RCE) vulnerability found in the load balancer component of ManageEngine ADSelfService Plus versions 6401 and earlier. 
<span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">The flaw arises from improper handling within this component, which can be exploited by an authenticated user to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-22937-critical-remote-code-execution-vulnerability\/\"  data-wpil-monitor-id=\"24865\">execute arbitrary code<\/a> on the host system.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">This could lead to unauthorized access, data breaches, or further <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-52073-critical-buffer-overflow-exploit-in-network-security-systems\/\"  data-wpil-monitor-id=\"25336\">exploitation within the network<\/a>.<\/span><\/p>\n<h3 class=\"\" data-start=\"526\" data-end=\"547\">Technical Details<\/h3>\n<p class=\"\" data-start=\"549\" data-end=\"710\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">While specific technical details and proof-of-concept (PoC) exploit code for CVE-2024-0252 have not been publicly disclosed, the vulnerability is attributed to improper control of code generation, classified under <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/94.html\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"214\" data-end=\"329\">CWE-94: Improper Control of Generation of Code (&#8216;Code Injection&#8217;)<\/a>.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">This indicates that the application fails to properly sanitize user input, allowing attackers to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-29048-remote-code-execution-via-oxmf-template-injection-in-open-xchange-app-suite\/\"  data-wpil-monitor-id=\"24543\">inject and execute malicious code<\/a>.<\/span><\/p>\n<h2 class=\"\" data-start=\"717\" data-end=\"737\">Impact Assessment<\/h2>\n<p class=\"\" data-start=\"739\" data-end=\"866\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-27007-incorrect-privilege-assignment-vulnerability-in-brainstorm-force-suretriggers\/\"  data-wpil-monitor-id=\"42437\">vulnerability has been assigned<\/a> a CVSS v3.1 base score of 8.8, categorizing it as <strong data-start=\"86\" data-end=\"94\">High<\/strong> severity.<\/span> The breakdown of the score is as follows:<\/p>\n<ul data-start=\"868\" data-end=\"1104\">\n<li class=\"\" data-start=\"868\" data-end=\"896\">\n<p class=\"\" data-start=\"870\" data-end=\"896\"><strong data-start=\"870\" data-end=\"888\"><\/strong><a href=\"https:\/\/www.ameeba.com\/blog\/local-hospital-network-grapples-with-major-tech-outage-a-cybersecurity-attack-case-study\/\"  data-wpil-monitor-id=\"51080\">Attack Vector: Network<\/a><\/p>\n<\/li>\n<li 
class=\"\" data-start=\"897\" data-end=\"925\">\n<p class=\"\" data-start=\"899\" data-end=\"925\"><strong data-start=\"899\" data-end=\"921\">Attack Complexity:<\/strong> Low<\/p>\n<\/li>\n<li class=\"\" data-start=\"926\" data-end=\"956\">\n<p class=\"\" data-start=\"928\" data-end=\"956\"><strong data-start=\"928\" data-end=\"952\">Privileges Required:<\/strong> Low<\/p>\n<\/li>\n<li class=\"\" data-start=\"957\" data-end=\"985\">\n<p class=\"\" data-start=\"959\" data-end=\"985\"><strong data-start=\"959\" data-end=\"980\">User Interaction:<\/strong> None<\/p>\n<\/li>\n<li class=\"\" data-start=\"986\" data-end=\"1008\">\n<p class=\"\" data-start=\"988\" data-end=\"1008\"><strong data-start=\"988\" data-end=\"998\">Scope:<\/strong> Unchanged<\/p>\n<\/li>\n<li class=\"\" data-start=\"1009\" data-end=\"1043\">\n<p class=\"\" data-start=\"1011\" data-end=\"1043\"><strong data-start=\"1011\" data-end=\"1038\">Confidentiality Impact:<\/strong> High<\/p>\n<\/li>\n<li class=\"\" data-start=\"1044\" data-end=\"1072\">\n<p class=\"\" data-start=\"1046\" data-end=\"1072\"><strong data-start=\"1046\" data-end=\"1067\">Integrity Impact:<\/strong> High<\/p>\n<\/li>\n<li class=\"\" data-start=\"1073\" data-end=\"1104\">\n<p class=\"\" data-start=\"1075\" data-end=\"1104\"><strong data-start=\"1075\" data-end=\"1099\">Availability Impact:<\/strong> High<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"1106\" data-end=\"1231\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">This assessment underscores the ease with which the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47992-critical-buffer-overflow-vulnerability-exploit-in-freeimage-library\/\"  data-wpil-monitor-id=\"25593\">vulnerability can be exploited<\/a> and the significant potential impact on confidentiality, integrity, and availability.<\/span><\/p>\n<h2 class=\"\" data-start=\"1238\" data-end=\"1258\">Affected Versions<\/h2>\n<p class=\"\" 
data-start=\"1260\" data-end=\"1425\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-32577-php-remote-file-inclusion-vulnerability-in-hakeemnala-build-app-online\/\"  data-wpil-monitor-id=\"32328\">vulnerability affects ManageEngine ADSelfService Plus builds<\/a> <strong data-start=\"65\" data-end=\"85\">6401 and earlier<\/strong>.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">All installations of ADSelfService Plus, regardless of load balancer configurations, are susceptible to this issue.<\/span><\/p>\n<h2 class=\"\" data-start=\"1432\" data-end=\"1456\">Mitigation Strategies<\/h2>\n<p class=\"\" data-start=\"1458\" data-end=\"1578\">To protect your <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-43514-memory-corruption-vulnerability-leading-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"31585\">systems from potential<\/a> exploitation of CVE-2024-0252, it is crucial to implement the following measures:<\/p>\n<ol data-start=\"1580\" data-end=\"2278\">\n<li class=\"\" data-start=\"1580\" data-end=\"1924\">\n<p class=\"\" data-start=\"1583\" data-end=\"1702\"><strong data-start=\"1583\" data-end=\"1616\">Update to the Latest Version:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Upgrade ADSelfService Plus to build <strong 
data-start=\"36\" data-end=\"53\">6402 or later<\/strong>, where the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50760-addressing-the-critical-buffer-overflow-vulnerability-in-secure-shell-ssh\/\"  data-wpil-monitor-id=\"24544\">vulnerability has been addressed<\/a>. The update includes:<\/span><\/p>\n<ul data-start=\"1706\" data-end=\"1924\">\n<li class=\"\" data-start=\"1706\" data-end=\"1793\">\n<p class=\"\" data-start=\"1708\" data-end=\"1793\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Restrictions on <a class=\"wpil_keyword_link\" href=\"https:\/\/chat.ameeba.com\"   title=\"communication\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24142\">communication<\/a> processes within the load balancer component.<\/span><\/p>\n<\/li>\n<li class=\"\" data-start=\"1797\" data-end=\"1924\">\n<p class=\"\" data-start=\"1799\" data-end=\"1924\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Restrictions preventing <a class=\"wpil_keyword_link\" href=\"https:\/\/www.ameeba.com\"   title=\"domain\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24144\">domain<\/a> users from accessing load balancer APIs.<\/span><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li class=\"\" data-start=\"1926\" data-end=\"2035\">\n<p class=\"\" data-start=\"1929\" data-end=\"2035\"><strong data-start=\"1929\" data-end=\"1949\">Restrict Access:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Limit access to the ADSelfService <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2945-unveiling-the-system-access-vulnerability-in-network-security-protocols\/\"  data-wpil-monitor-id=\"26722\">Plus<\/a> interface to only trusted users and networks.<\/span><\/p>\n<\/li>\n<li class=\"\" data-start=\"2037\" data-end=\"2148\">\n<p class=\"\" data-start=\"2040\" data-end=\"2148\"><strong data-start=\"2040\" data-end=\"2062\">Monitor and Audit:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Regularly monitor and audit <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-24351-remote-logging-vulnerability-in-ctrlx-os-can-lead-to-root-level-system-compromise\/\"  data-wpil-monitor-id=\"42160\">system logs<\/a> for any unusual or unauthorized activities.<\/span><\/p>\n<\/li>\n<li class=\"\" data-start=\"2150\" data-end=\"2278\">\n<p class=\"\" data-start=\"2153\" data-end=\"2278\"><strong data-start=\"2153\" data-end=\"2192\">Apply Principle of Least Privilege:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Ensure that <a 
href=\"https:\/\/www.ameeba.com\/blog\/fortinet-s-fortigate-vulnerability-ssl-vpn-symlink-exploit-puts-user-access-at-risk-post-patching\/\"  data-wpil-monitor-id=\"31586\">users have only the minimum level of access<\/a> necessary for their roles.<\/span><\/p>\n<\/li>\n<\/ol>\n<p class=\"\" data-start=\"2280\" data-end=\"2365\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">For detailed instructions on updating your ADSelfService Plus installation, refer to the <a href=\"https:\/\/www.manageengine.com\/products\/self-service-password\/advisory\/CVE-2024-0252.html\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"89\" data-end=\"210\">official ManageEngine advisory<\/a>.<\/span><\/p>\n<h2 class=\"\" data-start=\"2372\" data-end=\"2385\">Conclusion<\/h2>\n<p class=\"\" data-start=\"2387\" data-end=\"2552\"><span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">CVE-2024-0252 represents a significant security <a class=\"wpil_keyword_link\" href=\"https:\/\/ameeba.com\"   title=\"risk\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24143\">risk<\/a> for organizations utilizing vulnerable versions of ManageEngine ADSelfService Plus.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">By promptly updating to the latest version and <a href=\"https:\/\/www.ameeba.com\/blog\/securing-the-future-implementing-zero-trust-ai-for-robust-cybersecurity\/\"  data-wpil-monitor-id=\"25903\">implementing robust<\/a> security practices, organizations can mitigate the risk associated with this vulnerability.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded-sm px-px py-[0.2rem]\">Staying vigilant and proactive in applying <a href=\"https:\/\/www.ameeba.com\/blog\/smart-home-security-7-essential-tips-from-nist-cybersecurity-researcher\/\"  data-wpil-monitor-id=\"25473\">security updates is essential<\/a> in maintaining a secure IT environment.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In January 2024, a critical security vulnerability was identified in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution for Active Directory and cloud applications. This vulnerability, designated as CVE-2024-0252, allows authenticated users to execute arbitrary code remotely on the system where ADSelfService Plus is installed. 
This blog post provides an in-depth analysis [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[79],"product":[],"attack_vector":[78,80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-20467","post","type-post","status-publish","format-standard","hentry","category-uncategorized","vendor-github","attack_vector-injection","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20467","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=20467"}],"version-history":[{"count":21,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20467\/revisions"}],"predecessor-version":[{"id":45702,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20467\/revisions\/45702"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=20467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=20467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=20467"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=20467"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=20467"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\
/wp\/v2\/attack_vector?post=20467"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=20467"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=20467"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=20467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}