{"vulnerability": "cve-2023-35854", "sightings": [{"uuid": "139fdcbb-6ce7-4825-aa21-73ad263d69c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35854", "type": "seen", "source": "https://t.me/cibsecurity/65360", "content": "\u203c CVE-2023-35854 \u203c\n\nZoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-20T16:25:32.000000Z"}]}