
CVE-2023-28342: High-Severity Denial-of-Service Vulnerability in Zoho ManageEngine ADSelfService Plus

A high-severity vulnerability has been identified in Zoho ManageEngine ADSelfService Plus. It allows an unauthenticated, remote client to cause a Denial-of-Service condition through the product's Mobile App Authentication API. Organizations running an affected build should prioritize patching to mitigate this risk.

Severity: High · CVSS 3.1 base score 7.5 · Published April 5, 2023


Zoho ManageEngine ADSelfService Plus builds prior to 6218 are affected by a high-severity vulnerability that enables attackers to carry out Denial-of-Service (DoS) attacks via the Mobile App Authentication API. With a CVSS score of 7.5, this vulnerability poses a significant risk to organizations that rely on the product for identity and access management.

The vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption): any client that can reach the API, without authenticating, can overload the server and cause service interruptions. Because ADSelfService Plus is typically relied on for user authentication and self-service password resets, an outage can disrupt business operations and lock users out of critical resources.

As of this writing, no public exploit has been reported, but the characteristics of the flaw make it a high-priority concern: the attack vector is network-based, the attack complexity is low, and neither privileges nor user interaction are required. Patching should be treated with urgency.

Vulnerability Details

The vulnerability allows unauthenticated remote clients to perform DoS attacks through the Mobile App Authentication API of Zoho ManageEngine ADSelfService Plus in builds prior to 6218. The CVSS score of 7.5 indicates high severity and underscores the need for immediate mitigation.

Technical Analysis

According to the available description, the weakness lies in insufficient validation in the Mobile App Authentication API, which allows an attacker to send crafted requests that exhaust server resources. The vendor has not published request-level details, and this page does not reproduce any. The vulnerability is exploitable over the network, requires no privileges, and does not require user interaction.

The CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H: low attack complexity makes it accessible to a wide range of attackers, and the sole impact is on availability, which is rated high. Confidentiality and integrity are not affected.

Risk & Impact Analysis

The primary risk is disruption of the services that depend on the Mobile App Authentication API and, more broadly, of the ADSelfService Plus instance itself, since resource exhaustion on the host affects every feature it serves. Given the high availability impact, organizations may experience significant operational downtime if the flaw is exploited, and the ease of exploitation makes it a candidate for the priority patch cycle rather than the routine one.

Exploitation Status

Signal: Status
Known Exploit: No
Public PoC: No
Actively Exploited: No
Ransomware Use: No

Affected Versions

All builds of Zoho ManageEngine ADSelfService Plus prior to 6218 (that is, build 6217 and earlier) are affected. Organizations should confirm the installed build number from the product's About page or installation directory and ensure they are running a fixed build.

Mitigation & Remediation

To remediate this vulnerability, upgrade Zoho ManageEngine ADSelfService Plus to build 6218 or later. Where an immediate upgrade is not possible, reduce exposure in the meantime: restrict network access to the ADSelfService Plus web interface and its API to the address ranges that need it, consider placing a reverse proxy or WAF in front of the product to apply per-client rate limiting on the mobile authentication endpoints, and monitor for traffic patterns indicative of exploitation attempts. These controls lower the likelihood and blast radius of an attack but do not remove the underlying weakness; only the patched build does.

Organizations may also consider engaging in penetration testing to evaluate their security posture against similar vulnerabilities.

Detection Guidance

Security teams should review the web server and application logs of the ADSelfService Plus host for unusual access patterns against the Mobile App Authentication API, in particular high request rates from a single client or a small set of clients, which may indicate exploitation attempts. Spikes in CPU, memory, or thread usage of the ADSelfService Plus service, as well as login or password-reset failures reported by users, should be investigated to confirm they are not the result of a DoS attack.
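The following Python script is an added illustration of the log-based check described above; it is not part of the original advisory or of the vendor's product. It parses Common Log Format-style access log lines, keeps a sliding 60-second window of requests per client IP to the authentication API, and reports clients whose request count inside any window exceeds a threshold. The endpoint prefix `/RestAPI/` and the sample log lines are constructed for the example and must be replaced with the real path and logs of your deployment; the threshold is likewise a placeholder to tune against normal mobile-app traffic.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Assumed prefix of the Mobile App Authentication API; the advisory does not
# name the endpoint, so adjust this to match your ADSelfService Plus logs.
MOBILE_AUTH_PATH_PREFIX = "/RestAPI/"

# Common Log Format: client ip, identd, user, [timestamp], "request", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)


def parse_line(line):
    """Parse one access log line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {
        "ip": m.group("ip"),
        "ts": ts,
        "method": m.group("method"),
        "path": m.group("path"),
        "status": int(m.group("status")),
    }


def find_bursts(lines, window=timedelta(seconds=60), threshold=20):
    """Return {client_ip: peak_count} for clients whose requests to the auth
    API exceed `threshold` within any sliding `window`.

    Lines are expected in chronological order per client, as in a real log.
    """
    recent = defaultdict(deque)  # client ip -> timestamps inside the window
    peaks = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(MOBILE_AUTH_PATH_PREFIX):
            continue  # skip unparseable lines and traffic to other endpoints
        q = recent[rec["ip"]]
        q.append(rec["ts"])
        while q and rec["ts"] - q[0] > window:
            q.popleft()  # drop requests that fell out of the sliding window
        if len(q) > threshold:
            peaks[rec["ip"]] = max(peaks.get(rec["ip"], 0), len(q))
    return peaks


def build_sample_log():
    """Constructed sample log: one client hammering the auth API at one
    request per second, one client using it at a normal cadence, plus
    unrelated and malformed lines that the detector must ignore."""
    base = datetime(2023, 4, 6, 10, 0, 0, tzinfo=timezone.utc)
    fmt = "%d/%b/%Y:%H:%M:%S %z"
    lines = []
    for i in range(30):  # 30 auth requests in 30 seconds from 203.0.113.5
        t = base + timedelta(seconds=i)
        lines.append(
            f'203.0.113.5 - - [{t.strftime(fmt)}] '
            f'"POST {MOBILE_AUTH_PATH_PREFIX}mobileAuth HTTP/1.1" 200 512'
        )
    for i in range(5):  # 5 auth requests two minutes apart from 198.51.100.7
        t = base + timedelta(seconds=120 * i)
        lines.append(
            f'198.51.100.7 - - [{t.strftime(fmt)}] '
            f'"POST {MOBILE_AUTH_PATH_PREFIX}mobileAuth HTTP/1.1" 200 512'
        )
    lines.append(
        f'203.0.113.5 - - [{base.strftime(fmt)}] "GET /favicon.ico HTTP/1.1" 200 318'
    )
    lines.append("this line is not a valid access log entry")
    return lines


if __name__ == "__main__":
    for ip, peak in find_bursts(build_sample_log()).items():
        print(f"possible DoS against auth API from {ip}: {peak} requests in 60s window")
```

In production, feed the function the real access log (for example, with `sys.stdin` or a file iterator) and tune `threshold` against a baseline of legitimate mobile-app traffic; a flagged client is a lead for investigation, not proof of exploitation.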

AppSecure Threat Intelligence Insight

The emergence of this vulnerability highlights the ongoing need for organizations to maintain vigilance in updating and securing their software components. As cyber threats evolve, security teams should adopt a proactive approach in their vulnerability management programs.

This vulnerability serves as a reminder to conduct regular security assessments, and organizations may benefit from reviewing their vulnerability management program to ensure that all potential weaknesses are addressed.

Consider implementing an ongoing security awareness training program for developers to better understand secure coding practices and the implications of vulnerabilities.


Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
