Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-29457
HistoryApr 18, 2022 - 8:15 p.m.

CVE-2022-29457

2022-04-1820:15:09
CWE-522
[email protected]
web.nvd.nist.gov
3
zoho manageengine
security vulnerability
ntlm hash disclosure
storage-path configuration
cve-2022-29457

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.014

Percentile

86.5%

JSON

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

Affected configurations

Nvd
Node
zohocorpmanageengine_adaudit_plusRange<7.0.0
OR
zohocorpmanageengine_adaudit_plusMatch7.0.0-
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07000
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07002
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07003
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07004
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07005
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07006
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07007
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07008
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07050
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07051
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07052
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07053
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07054
OR
zohocorpmanageengine_adaudit_plusMatch7.0.07055
OR
zohocorpmanageengine_admanager_plusRange<7.1
OR
zohocorpmanageengine_admanager_plusMatch7.1-
OR
zohocorpmanageengine_admanager_plusMatch7.17100
OR
zohocorpmanageengine_admanager_plusMatch7.17101
OR
zohocorpmanageengine_admanager_plusMatch7.17102
OR
zohocorpmanageengine_admanager_plusMatch7.17110
OR
zohocorpmanageengine_admanager_plusMatch7.17111
OR
zohocorpmanageengine_admanager_plusMatch7.17112
OR
zohocorpmanageengine_admanager_plusMatch7.17113
OR
zohocorpmanageengine_admanager_plusMatch7.17114
OR
zohocorpmanageengine_admanager_plusMatch7.17115
OR
zohocorpmanageengine_admanager_plusMatch7.17116
OR
zohocorpmanageengine_admanager_plusMatch7.17117
OR
zohocorpmanageengine_admanager_plusMatch7.17118
OR
zohocorpmanageengine_admanager_plusMatch7.17120
OR
zohocorpmanageengine_admanager_plusMatch7.17121
OR
zohocorpmanageengine_admanager_plusMatch7.17122
OR
zohocorpmanageengine_admanager_plusMatch7.17123
OR
zohocorpmanageengine_admanager_plusMatch7.17124
OR
zohocorpmanageengine_admanager_plusMatch7.17125
OR
zohocorpmanageengine_admanager_plusMatch7.17126
OR
zohocorpmanageengine_admanager_plusMatch7.17130
OR
zohocorpmanageengine_adselfservice_plusRange<6.1
OR
zohocorpmanageengine_adselfservice_plusMatch6.1-
OR
zohocorpmanageengine_adselfservice_plusMatch6.16100
OR
zohocorpmanageengine_adselfservice_plusMatch6.16101
OR
zohocorpmanageengine_adselfservice_plusMatch6.16102
OR
zohocorpmanageengine_adselfservice_plusMatch6.16103
OR
zohocorpmanageengine_adselfservice_plusMatch6.16104
OR
zohocorpmanageengine_adselfservice_plusMatch6.16105
OR
zohocorpmanageengine_adselfservice_plusMatch6.16106
OR
zohocorpmanageengine_adselfservice_plusMatch6.16107
OR
zohocorpmanageengine_adselfservice_plusMatch6.16108
OR
zohocorpmanageengine_adselfservice_plusMatch6.16109
OR
zohocorpmanageengine_adselfservice_plusMatch6.16110
OR
zohocorpmanageengine_adselfservice_plusMatch6.16111
OR
zohocorpmanageengine_adselfservice_plusMatch6.16112
OR
zohocorpmanageengine_adselfservice_plusMatch6.16113
OR
zohocorpmanageengine_adselfservice_plusMatch6.16114
OR
zohocorpmanageengine_adselfservice_plusMatch6.16115
OR
zohocorpmanageengine_adselfservice_plusMatch6.16116
OR
zohocorpmanageengine_adselfservice_plusMatch6.16117
OR
zohocorpmanageengine_adselfservice_plusMatch6.16118
OR
zohocorpmanageengine_adselfservice_plusMatch6.16119
OR
zohocorpmanageengine_adselfservice_plusMatch6.16120
OR
zohocorpmanageengine_exchange_reporter_plusRange<5.7
OR
zohocorpmanageengine_exchange_reporter_plusMatch5.7-
OR
zohocorpmanageengine_exchange_reporter_plusMatch5.75700
VendorProductVersionCPE
zohocorpmanageengine_adaudit_plus*cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:-:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7000:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7002:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7003:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7004:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7005:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7006:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7007:*:*:*:*:*:*
zohocorpmanageengine_adaudit_plus7.0.0cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7008:*:*:*:*:*:*
Rows per page:
1-10 of 641

Related

exploitdb 1
packetstorm 1
zdt 1
cnvd 1
prion 1
cvelist 1
cve 1
exploitdb
exploitdb
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure
2022-05-11 00:00:00
packetstorm
packetstorm
ManageEngine ADSelfService Plus Build 6118 NTLMv2 Hash Exposure
2022-05-11 00:00:00
zdt
zdt
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure Exploit
2022-05-12 00:00:00
cnvd
cnvd
ZOHO ManageEngine ADSelfService Plus Information Disclosure Vulnerability (CNVD-2022-55221)
2022-04-20 00:00:00
prion
prion
Design/Logic Flaw
2022-04-18 20:15:00
cvelist
cvelist
CVE-2022-29457
2022-04-18 19:47:07
cve
cve
CVE-2022-29457
2022-04-18 20:15:09

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.014

Percentile

86.5%

JSON
Related for NVD:CVE-2022-29457
exploitdb1packetstorm1zdt1cnvd1prion1cvelist1cve1