Zoho ManageEngine ADAudit Plus: Unauthenticated Remote Code Execution Vulnerability (CVE-2022-47966)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | 10/28/2022 | 01/20/2023 | 12/18/2024 |
Description
Multiple ManageEngine products were affected by an unauthenticated remote code execution vulnerability caused by the use of an outdated third-party dependency, Apache Santuario.
Solution
zoho-manageengine-adaudit-plus-upgrade-latest
References
- CVE-2022-47966
- https://attackerkb.com/topics/CVE-2022-47966
- https://github.com/apache/santuario-xml-security-java/tags?after=1.4.6
- https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html
- http://packetstormsecurity.com/files/170882/Zoho-ManageEngine-ServiceDesk-Plus-14003-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/170925/ManageEngine-ADSelfService-Plus-Unauthenticated-SAML-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/170943/Zoho-ManageEngine-Endpoint-Central-MSP-10.1.2228.10-Remote-Code-Execution.html
- https://blog.viettelcybersecurity.com/saml-show-stopper/
- https://github.com/horizon3ai/CVE-2022-47966
- https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/
- https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a
- https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis
