U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2021-40539

Change History

Initial Analysis by NIST 9/14/2021 2:24:38 PM

Action Type Old Value New Value
Added CPE Configuration 

								
							
							
								
							
						
								
							
								
OR
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4510:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4511:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4520:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4522:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4531:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4540:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4543:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4544:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4550:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4560:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4570:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4571:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4572:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4580:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4590:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4591:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4592:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5000:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5001:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5002:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5010:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5011:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5020:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5021:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5022:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5030:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5032:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5040:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0:5041:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5100:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5101:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5102:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5103:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5104:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5105:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5106:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5107:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5108:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5109:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5110:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5111:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5112:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5113:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5114:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5115:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.1:5116:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5200:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5201:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5202:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5203:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5204:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5205:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5206:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.2:5207:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5300:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5301:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5302:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5303:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5304:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5305:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5306:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5307:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5308:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5309:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5310:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5311:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5312:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5313:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5314:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5315:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5316:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5317:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5318:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5319:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5320:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5321:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5322:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5323:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5324:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5325:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5326:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5327:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5328:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5329:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.3:5330:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.4:5400:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5500:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5501:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5502:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5503:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5504:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5505:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5506:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5507:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5508:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5509:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5510:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5511:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5512:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5513:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5514:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5515:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5516:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5517:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5518:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5519:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5520:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5521:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5600:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5601:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5602:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5603:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5604:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5605:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5606:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5607:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5607:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5700:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5701:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5702:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5703:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5704:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5705:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5706:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5707:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5708:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5709:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5710:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5800:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5801:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5802:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5803:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5804:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5805:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5806:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5807:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5808:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5809:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5810:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5811:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5812:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5813:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5814:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5815:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5816:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6000:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6001:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6002:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6003:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6004:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6005:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6006:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6007:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6008:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6009:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6012:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.0:6013:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6104:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6105:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6106:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6113:*:*:*:*:*:*

								
								
					

					

						Added
						CVSS V2
						
							
							
								
							
								

								
							
							
								
							
						
								
							
								
NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)

								
								
					

					

						Added
						CVSS V3.1
						
							
							
								
							
								

								
							
							
								
							
						
								
							
								
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
								
					

					

						Added
						CWE
						
							
							
								
							
								

								
							
							
								
							
						
								
							
								
NIST CWE-287

								
								
					

					

						Changed
						Reference Type
						
							
							
								
							
								
https://www.manageengine.com No Types Assigned

								
							
							
								
							
						
								
							
								
https://www.manageengine.com Vendor Advisory

								
								
					

					

						Changed
						Reference Type
						
							
							
								
							
								
https://www.manageengine.com/products/self-service-password/kb/how-to-fix-authentication-bypass-vulnerability-in-REST-API.html No Types Assigned

								
							
							
								
							
						
								
							
								
https://www.manageengine.com/products/self-service-password/kb/how-to-fix-authentication-bypass-vulnerability-in-REST-API.html Patch, Vendor Advisory