Lucene search
MitreCVE-2023-28340HistoryApr 11, 2023 - 1:15 a.m.
CVE-2023-28340
2023-04-1101:15:07
CWE-611
mitre
web.nvd.nist.gov
20
cve-2023-28340
zoho
manageengine
applications manager
xxe
vulnerability
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
45.4%
Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.
Affected configurations
Node
zohocorpmanageengine_applications_managerRange<16.3
ORzohocorpmanageengine_applications_managerMatch16.3build16300
ORzohocorpmanageengine_applications_managerMatch16.3build16310
ORzohocorpmanageengine_applications_managerMatch16.3build16320
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_applications_manager | * | cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_applications_manager | 16.3 | cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16300:*:*:*:*:*:* |
| zohocorp | manageengine_applications_manager | 16.3 | cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16310:*:*:*:*:*:* |
| zohocorp | manageengine_applications_manager | 16.3 | cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16320:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-28340
2023-04-11 00:00:00
prion
prion
Design/Logic Flaw
2023-04-11 01:15:00
nvd
nvd
CVE-2023-28340
2023-04-11 01:15:07
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
45.4%
Related for CVE-2023-28340