vulnerability

Zoho ManageEngine ADAudit Plus: CVE-2022-24978: Privilege Escalation Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	Mar 8, 2022	Dec 18, 2024	Oct 23, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Mar 8, 2022

Added

Dec 18, 2024

Modified

Oct 23, 2025

Description

The privilege escalation vulnerability in ADAudit Plus allows a low privileged user to get the plain text password of the integrated ADManager Plus login account.

Solution

zoho-manageengine-adaudit-plus-upgrade-latest

References

CWE-319
CWE-522
CVE-2022-24978
https://attackerkb.com/topics/CVE-2022-24978
URL-https://manageengine.com
URL-https://pitstop.manageengine.com/portal/en/community/topic/cve-2022-24978-privilege-escalation-vulnerability-manageengine-adaudit-plus

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today