CVE-2023-35786

Опубликовано: 05 июл. 2023

Источник: nvd

CVSS3: 4.9

EPSS Низкий

Описание

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.

Ссылки

https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html
Vendor Advisory
https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*

Версия до 7.1 (исключая)

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7131:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7140:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7141:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7150:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7151:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7160:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7161:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7162:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7163:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7170:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7171:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7180:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7181:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7182:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00432

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-611

Связанные уязвимости

GHSA-22q6-rw64-5gjj