Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-29084
HistoryApr 13, 2023 - 7:15 p.m.

CVE-2023-29084

2023-04-1319:15:11
CWE-77
[email protected]
web.nvd.nist.gov
zoho manageengine
admanager plus
vulnerability
command injection
proxy settings

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.335 Low

EPSS

Percentile

97.1%

JSON

Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings.

Affected configurations

NVD
Node
zohocorpmanageengine_admanager_plusRange<7.1
OR
zohocorpmanageengine_admanager_plusMatch7.17100
OR
zohocorpmanageengine_admanager_plusMatch7.17101
OR
zohocorpmanageengine_admanager_plusMatch7.17102
OR
zohocorpmanageengine_admanager_plusMatch7.17110
OR
zohocorpmanageengine_admanager_plusMatch7.17111
OR
zohocorpmanageengine_admanager_plusMatch7.17112
OR
zohocorpmanageengine_admanager_plusMatch7.17113
OR
zohocorpmanageengine_admanager_plusMatch7.17114
OR
zohocorpmanageengine_admanager_plusMatch7.17115
OR
zohocorpmanageengine_admanager_plusMatch7.17116
OR
zohocorpmanageengine_admanager_plusMatch7.17117
OR
zohocorpmanageengine_admanager_plusMatch7.17118
OR
zohocorpmanageengine_admanager_plusMatch7.17120
OR
zohocorpmanageengine_admanager_plusMatch7.17121
OR
zohocorpmanageengine_admanager_plusMatch7.17122
OR
zohocorpmanageengine_admanager_plusMatch7.17123
OR
zohocorpmanageengine_admanager_plusMatch7.17124
OR
zohocorpmanageengine_admanager_plusMatch7.17125
OR
zohocorpmanageengine_admanager_plusMatch7.17126
OR
zohocorpmanageengine_admanager_plusMatch7.17130
OR
zohocorpmanageengine_admanager_plusMatch7.17131
OR
zohocorpmanageengine_admanager_plusMatch7.17140
OR
zohocorpmanageengine_admanager_plusMatch7.17141
OR
zohocorpmanageengine_admanager_plusMatch7.17150
OR
zohocorpmanageengine_admanager_plusMatch7.17151
OR
zohocorpmanageengine_admanager_plusMatch7.17160
OR
zohocorpmanageengine_admanager_plusMatch7.17161
OR
zohocorpmanageengine_admanager_plusMatch7.17162
OR
zohocorpmanageengine_admanager_plusMatch7.17163
OR
zohocorpmanageengine_admanager_plusMatch7.17170
OR
zohocorpmanageengine_admanager_plusMatch7.17171
OR
zohocorpmanageengine_admanager_plusMatch7.17180

Related

zdi 1
packetstorm 1
metasploit 1
cnvd 1
cvelist 1
cve 1
nuclei 1
prion 1
rapid7blog 1
zdi
zdi
ManageEngine ADManager Plus ChangePasswordAction Command Injection Remote Code Execution Vulnerability
2023-04-12 00:00:00
packetstorm
packetstorm
ManageEngine ADManager Plus Command Injection
2023-06-06 00:00:00
metasploit
metasploit
ManageEngine ADManager Plus ChangePasswordAction Authenticated Command Injection
2023-06-02 14:47:49
cnvd
cnvd
ZOHO ManageEngine ADManager Plus Remote Command Vulnerability
2023-04-17 00:00:00
cvelist
cvelist
CVE-2023-29084
2023-04-13 00:00:00
cve
cve
CVE-2023-29084
2023-04-13 19:15:11
nuclei
nuclei
ManageEngine ADManager Plus - Command Injection
2023-04-18 10:03:47
prion
prion
Command injection
2023-04-13 19:15:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-06-09 22:02:27

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.335 Low

EPSS

Percentile

97.1%

JSON
Related for NVD:CVE-2023-29084
zdi1packetstorm1metasploit1cnvd1cvelist1cve1nuclei1prion1rapid7blog1