Lucene search

[email protected]NVD:CVE-2023-35786

HistoryJul 05, 2023 - 6:15 a.m.

CVE-2023-35786

2023-07-0506:15:21

CWE-611

[email protected]

web.nvd.nist.gov

zoho manageengine

admanager plus

xxe issue

view files

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

29.7%

JSON

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.

Affected configurations

Nvd

Node

zohocorpmanageengine_admanager_plusRange<7.1

zohocorpmanageengine_admanager_plusMatch7.1-

zohocorpmanageengine_admanager_plusMatch7.17100

zohocorpmanageengine_admanager_plusMatch7.17101

zohocorpmanageengine_admanager_plusMatch7.17102

zohocorpmanageengine_admanager_plusMatch7.17110

zohocorpmanageengine_admanager_plusMatch7.17111

zohocorpmanageengine_admanager_plusMatch7.17112

zohocorpmanageengine_admanager_plusMatch7.17113

zohocorpmanageengine_admanager_plusMatch7.17114

zohocorpmanageengine_admanager_plusMatch7.17115

zohocorpmanageengine_admanager_plusMatch7.17116

zohocorpmanageengine_admanager_plusMatch7.17117

zohocorpmanageengine_admanager_plusMatch7.17118

zohocorpmanageengine_admanager_plusMatch7.17120

zohocorpmanageengine_admanager_plusMatch7.17121

zohocorpmanageengine_admanager_plusMatch7.17122

zohocorpmanageengine_admanager_plusMatch7.17123

zohocorpmanageengine_admanager_plusMatch7.17124

zohocorpmanageengine_admanager_plusMatch7.17125

zohocorpmanageengine_admanager_plusMatch7.17126

zohocorpmanageengine_admanager_plusMatch7.17130

zohocorpmanageengine_admanager_plusMatch7.17131

zohocorpmanageengine_admanager_plusMatch7.17140

zohocorpmanageengine_admanager_plusMatch7.17141

zohocorpmanageengine_admanager_plusMatch7.17150

zohocorpmanageengine_admanager_plusMatch7.17151

zohocorpmanageengine_admanager_plusMatch7.17160

zohocorpmanageengine_admanager_plusMatch7.17161

zohocorpmanageengine_admanager_plusMatch7.17162

zohocorpmanageengine_admanager_plusMatch7.17163

zohocorpmanageengine_admanager_plusMatch7.17170

zohocorpmanageengine_admanager_plusMatch7.17171

zohocorpmanageengine_admanager_plusMatch7.17180

zohocorpmanageengine_admanager_plusMatch7.17181

zohocorpmanageengine_admanager_plusMatch7.17182

VendorProductVersionCPE
zohocorpmanageengine_admanager_plus*cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*
zohocorpmanageengine_admanager_plus7.1cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*

Vendor	Product	Version	CPE
zohocorp	manageengine_admanager_plus	*	cpe:2.3:a:zohocorp:manageengine_admanager_plus::::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113::::::
zohocorp	manageengine_admanager_plus	7.1	cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114::::::

Rows per page:

1-10 of 361

References

www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

29.7%

JSON

Related for NVD:CVE-2023-35786

cvelist1 nessus1 cve1 prion1