Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-31492
HistoryAug 17, 2023 - 11:15 p.m.

CVE-2023-31492

2023-08-1723:15:09
CWE-522
[email protected]
web.nvd.nist.gov
5
zoho
admanager plus
default passwords
unauthorized domains
cve-2023-31492

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.4%

JSON

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users.

Affected configurations

Nvd
Node
zohocorpmanageengine_admanager_plusRange<7.1
OR
zohocorpmanageengine_admanager_plusMatch7.1-
OR
zohocorpmanageengine_admanager_plusMatch7.17100
OR
zohocorpmanageengine_admanager_plusMatch7.17101
OR
zohocorpmanageengine_admanager_plusMatch7.17102
OR
zohocorpmanageengine_admanager_plusMatch7.17110
OR
zohocorpmanageengine_admanager_plusMatch7.17111
OR
zohocorpmanageengine_admanager_plusMatch7.17112
OR
zohocorpmanageengine_admanager_plusMatch7.17113
OR
zohocorpmanageengine_admanager_plusMatch7.17114
OR
zohocorpmanageengine_admanager_plusMatch7.17115
OR
zohocorpmanageengine_admanager_plusMatch7.17116
OR
zohocorpmanageengine_admanager_plusMatch7.17117
OR
zohocorpmanageengine_admanager_plusMatch7.17118
OR
zohocorpmanageengine_admanager_plusMatch7.17120
OR
zohocorpmanageengine_admanager_plusMatch7.17121
OR
zohocorpmanageengine_admanager_plusMatch7.17122
OR
zohocorpmanageengine_admanager_plusMatch7.17123
OR
zohocorpmanageengine_admanager_plusMatch7.17124
OR
zohocorpmanageengine_admanager_plusMatch7.17125
OR
zohocorpmanageengine_admanager_plusMatch7.17126
OR
zohocorpmanageengine_admanager_plusMatch7.17130
OR
zohocorpmanageengine_admanager_plusMatch7.17131
OR
zohocorpmanageengine_admanager_plusMatch7.17140
OR
zohocorpmanageengine_admanager_plusMatch7.17141
OR
zohocorpmanageengine_admanager_plusMatch7.17150
OR
zohocorpmanageengine_admanager_plusMatch7.17151
OR
zohocorpmanageengine_admanager_plusMatch7.17160
OR
zohocorpmanageengine_admanager_plusMatch7.17161
OR
zohocorpmanageengine_admanager_plusMatch7.17162
OR
zohocorpmanageengine_admanager_plusMatch7.17163
OR
zohocorpmanageengine_admanager_plusMatch7.17170
OR
zohocorpmanageengine_admanager_plusMatch7.17171
OR
zohocorpmanageengine_admanager_plusMatch7.17180
OR
zohocorpmanageengine_admanager_plusMatch7.17181
OR
zohocorpmanageengine_admanager_plusMatch7.17182
VendorProductVersionCPE
zohocorpmanageengine_admanager_plus*cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*
Rows per page:
1-10 of 361

Related

cve 1
zdt 1
exploitdb 1
cvelist 1
prion 1
packetstorm 1
cve
cve
CVE-2023-31492
2023-08-17 23:15:09
zdt
zdt
ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure Exploit
2024-02-13 00:00:00
exploitdb
exploitdb
ManageEngine ADManager Plus Build &lt; 7183 - Recovery Password Disclosure
2024-02-13 00:00:00
cvelist
cvelist
CVE-2023-31492
2023-08-17 00:00:00
prion
prion
Default credentials
2023-08-17 23:15:00
packetstorm
packetstorm
ManageEngine ADManager Plus Recovery Password Disclosure
2024-02-13 00:00:00

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.4%

JSON
Related for NVD:CVE-2023-31492
cve1zdt1exploitdb1cvelist1prion1packetstorm1