CVE-2023-35786

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-35786
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.

4.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7131:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7140:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7141:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7150:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7151:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7160:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7161:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7162:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7163:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7170:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7171:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7180:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7181:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7182:*:*:*:*:*:*
History

No history.

Information

Published : 2023-07-05 06:15

Updated : 2023-07-10 23:33

NVD link : CVE-2023-35786

Mitre link : CVE-2023-35786

CVE.ORG link : CVE-2023-35786

JSON object : View

Products Affected

zohocorp

  • manageengine_admanager_plus
CWE
CWE-611

Improper Restriction of XML External Entity Reference