CVE-2023-32783

The event analysis component in Zoho ManageEngine ADAudit Plus 7.1.1 allows an attacker to bypass audit detection by creating or renaming user accounts with a "$" symbol suffix. NOTE: the vendor states "We do not consider this as a security bug and it's an expected behaviour."...

PT-2023-24017 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus version 7.1.1 Description: The event analysis component in Zoho ManageEngine ADAudit Plus allows an attacker to bypass audit detection by creating or renaming user accounts with a "$" symbol suffix. The vendor...