Lucene search
HistoryJan 25, 2024 - 6:15 a.m.
CVE-2023-50785
cve-2023-50785
zoho
manageengine
adaudit plus
7270
admin users
directory traversal
nvd
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
4.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.3%
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
Affected configurations
Node
zohocorpmanageengine_adaudit_plusMatch7.27200
ORzohocorpmanageengine_adaudit_plusMatch7.27201
ORzohocorpmanageengine_adaudit_plusMatch7.27202
ORzohocorpmanageengine_adaudit_plusMatch7.27203
ORzohocorpmanageengine_adaudit_plusMatch7.27210
ORzohocorpmanageengine_adaudit_plusMatch7.27211
ORzohocorpmanageengine_adaudit_plusMatch7.27212
ORzohocorpmanageengine_adaudit_plusMatch7.27213
ORzohocorpmanageengine_adaudit_plusMatch7.27215
ORzohocorpmanageengine_adaudit_plusMatch7.27220
ORzohocorpmanageengine_adaudit_plusMatch7.27250
ORzohocorpmanageengine_adaudit_plusMatch7.27251
ORzohocorpmanageengine_adaudit_plusMatch7.27260
| CPE | Name | Operator | Version |
|---|---|---|---|
| zohocorp:manageengine_adaudit_plus | zohocorp manageengine adaudit plus | eq | 7.2 |
Related
nessus
nessus
ManageEngine ADAudit Plus < Build 7270 Directory Traversal
2024-02-01 00:00:00
cvelist
cvelist
CVE-2023-50785
2024-01-25 00:00:00
prion
prion
Path traversal
2024-01-25 06:15:00
nvd
nvd
CVE-2023-50785
2024-01-25 06:15:50
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
4.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.3%
Related for CVE-2023-50785