Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2022-47966

🗓️ 18 Jan 2023 00:00:00Reported by AttackerKBType 
attackerkb
 attackerkb🔗 attackerkb.com👁 110 Views

Zoho ManageEngine on-premise products upto version 14003 are vulnerable to remote code execution due to the use of outdated Apache xmlsec librar

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Refs
ReporterTitlePublishedViews
Family
Cvelist		CVE-2021-41770
7 Oct 202106:24
cvelist
Cvelist		CVE-2021-40690 Bypass of the secureValidation property
19 Sep 202100:00
cvelist
Cvelist		CVE-2022-47966
18 Jan 202300:00
cvelist
Cvelist		CVE-2014-0107
15 Apr 201417:00
cvelist
The Hacker News		Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
23 Feb 202315:02
thn
The Hacker News		Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!
17 Jan 202310:38
thn
The Hacker News		Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
24 Aug 202315:16
thn
The Hacker News		Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
19 Apr 202306:42
thn
The Hacker News		Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
15 Sep 202304:14
thn
The Hacker News		 CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
8 Sep 202305:36
thn
Rows per page
SourceLink
cvewww.cve.mitre.org/cgi-bin/cvename.cgi
cisawww.cisa.gov/news-events/cybersecurity-advisories/aa24-207a
manageenginewww.manageengine.com/
githubwww.github.com/apache/santuario-xml-security-java/tags
manageenginewww.manageengine.com/security/advisory/CVE/cve-2022-47966.html
packetstormsecuritywww.packetstormsecurity.com/files/170882/Zoho-ManageEngine-ServiceDesk-Plus-14003-Remote-Code-Execution.html
packetstormsecuritywww.packetstormsecurity.com/files/170925/ManageEngine-ADSelfService-Plus-Unauthenticated-SAML-Remote-Code-Execution.html
packetstormsecuritywww.packetstormsecurity.com/files/170943/Zoho-ManageEngine-Endpoint-Central-MSP-10.1.2228.10-Remote-Code-Execution.html
blogwww.blog.viettelcybersecurity.com/saml-show-stopper/
githubwww.github.com/horizon3ai/CVE-2022-47966
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
18 Jan 2023 00:00Current
9.4High risk
Vulners AI Score9.4
CVSS39.8
EPSS0.94427
zoho manageengineremote code executionapache xmlsecon-premise productsvulnerabilitysantuarioxalancve-2014-0107samlrce issues
110
.json
Report