Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-24306
HistoryMar 02, 2022 - 3:15 p.m.

CVE-2022-24306

2022-03-0215:15:08
CWE-863
[email protected]
web.nvd.nist.gov
3
zoho manageengine
sharepoint manager plus
authorization mishandling
account takeover
cve-2022-24306

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

80.8%

JSON

Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.

Affected configurations

Nvd
Node
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4000
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4001
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4002
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4003
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4004
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4005
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4006
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4007
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4008
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4009
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4010
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4011
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4012
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4013
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4014
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4015
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4016
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4017
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4018
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4020
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4021
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4022
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4023
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4024
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4025
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4026
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4027
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4028
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4029
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4030
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4031
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4032
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4033
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4100
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4101
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4102
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4103
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4104
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4105
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4106
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4107
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4108
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4109
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4110
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4200
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4201
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4300
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4301
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4302
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4303
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4304
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4305
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4306
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4307
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4308
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4309
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4310
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4311
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4312
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4313
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4314
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4315
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4316
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4317
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4318
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4319
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4320
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4321
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4322
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4323
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4324
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4325
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4326
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4327
OR
zohocorpmanageengine_sharepoint_manager_plusMatch-build_4328
VendorProductVersionCPE
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4000:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4001:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4002:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4003:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4004:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4005:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4006:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4007:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4008:*:*:*:*:*:*
zohocorpmanageengine_sharepoint_manager_plus-cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:-:build_4009:*:*:*:*:*:*
Rows per page:
1-10 of 751

Related

cvelist 1
cve 1
prion 1
nessus 1
cvelist
cvelist
CVE-2022-24306
2022-03-02 14:34:49
cve
cve
CVE-2022-24306
2022-03-02 15:15:08
prion
prion
Authorization
2022-03-02 15:15:00
nessus
nessus
ManageEngine SharePoint Manager Plus < 4329 Multiple Vulnerabilities
2022-05-05 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

80.8%

JSON
Related for NVD:CVE-2022-24306
cvelist1cve1prion1nessus1