Lucene search
HistoryFeb 01, 2023 - 8:15 p.m.
CVE-2023-23076
command injection
support center plus 11
executor
creating schedules
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
50.4%
OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules.
Affected configurations
Node
zohocorpmanageengine_supportcenter_plusMatch11.0-
ORzohocorpmanageengine_supportcenter_plusMatch11.011001
ORzohocorpmanageengine_supportcenter_plusMatch11.011002
ORzohocorpmanageengine_supportcenter_plusMatch11.011003
ORzohocorpmanageengine_supportcenter_plusMatch11.011004
ORzohocorpmanageengine_supportcenter_plusMatch11.011005
ORzohocorpmanageengine_supportcenter_plusMatch11.011006
ORzohocorpmanageengine_supportcenter_plusMatch11.011007
ORzohocorpmanageengine_supportcenter_plusMatch11.011008
ORzohocorpmanageengine_supportcenter_plusMatch11.011009
ORzohocorpmanageengine_supportcenter_plusMatch11.011010
ORzohocorpmanageengine_supportcenter_plusMatch11.011011
ORzohocorpmanageengine_supportcenter_plusMatch11.011012
ORzohocorpmanageengine_supportcenter_plusMatch11.011013
ORzohocorpmanageengine_supportcenter_plusMatch11.011014
ORzohocorpmanageengine_supportcenter_plusMatch11.011015
ORzohocorpmanageengine_supportcenter_plusMatch11.011016
ORzohocorpmanageengine_supportcenter_plusMatch11.011017
ORzohocorpmanageengine_supportcenter_plusMatch11.011018
ORzohocorpmanageengine_supportcenter_plusMatch11.011019
ORzohocorpmanageengine_supportcenter_plusMatch11.011020
ORzohocorpmanageengine_supportcenter_plusMatch11.011021
ORzohocorpmanageengine_supportcenter_plusMatch11.011022
ORzohocorpmanageengine_supportcenter_plusMatch11.011024
ORzohocorpmanageengine_supportcenter_plusMatch11.011025
ORzohocorpmanageengine_supportcenter_plusMatch11.011026
ORzohocorpmanageengine_supportcenter_plusMatch11.011027
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:-:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11001:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11002:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11003:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11004:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11005:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11006:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11007:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11008:*:*:*:*:*:* |
| zohocorp | manageengine_supportcenter_plus | 11.0 | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11009:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-23076
2023-02-01 00:00:00
prion
prion
Command injection
2023-02-01 20:15:00
cve
cve
CVE-2023-23076
2023-02-01 20:15:11
nessus
nessus
ManageEngine SupportCenter Plus < 14.0 Build 14000
2023-11-15 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
50.4%
Related for NVD:CVE-2023-23076