BDU:2023-00171
Scores
EPSS Score
0.0000
CVSS
3.x 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
All CVSS Scores
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
Уязвимость программных продуктов ManageEngine связана с ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код путем отправки специально сформированного SAML-запроса
Sources
Related Vulnerabilities
Vulnerable Software
Type: Configuration
Vendor: zoho corp.
Product: access manager plus
Operating System: * *
{
"version_end_excluding": "4308"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: active directory 360
Operating System: * *
{
"version_end_excluding": "4310"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: admanager plus
Operating System: * *
{
"version_end_excluding": "7162"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: analytics plus
Operating System: * *
{
"version_end_excluding": "5150"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: application control plus
Operating System: * *
{
"version_end_excluding": "10.1.2220.18"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: asset explorer
Operating System: * *
{
"version_end_excluding": "6983"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: browser security plus
Operating System: * *
{
"version_end_excluding": "11.1.2238.6"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: device control plus
Operating System: * *
{
"version_end_excluding": "10.1.2220.18"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: endpoint central
Operating System: * *
{
"version_end_excluding": "10.1.2228.11"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: endpoint central msp
Operating System: * *
{
"version_end_excluding": "10.1.2228.11"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: endpoint dlp
Operating System: * *
{
"version_end_excluding": "10.1.2137.6"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: key manager plus
Operating System: * *
{
"version_end_excluding": "6401"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: manageengine adselfservice plus
Operating System: * *
{
"version_end_excluding": "6211"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: os deployer
Operating System: * *
{
"version_end_excluding": "1.1.2243.1"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: pam360
Operating System: * *
{
"version_end_excluding": "5713"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: password manager pro
Operating System: * *
{
"version_end_excluding": "12124"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: patch manager plus
Operating System: * *
{
"version_end_excluding": "10.1.2220.18"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: remote access plus
Operating System: * *
{
"version_end_excluding": "10.1.2228.11"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: remote monitoring and management (rmm)
Operating System: * *
{
"version_end_excluding": "10.1.41"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: servicedesk plus
Operating System: * *
{
"version_end_excluding": "14004"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: servicedesk plus msp
Operating System: * *
{
"version_end_excluding": "13001"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: supportcenter plus
Operating System: * *
{
"version_end_excluding": "11026"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: vulnerability manager plus
Operating System: * *
{
"version_end_excluding": "10.1.2220.18"
}Source: bdu
Type: Configuration
Vendor: zoho corp.
Product: zoho manageengine adaudit plus
Operating System: * *
{
"version_end_excluding": "7081"
}Source: bdu