CVE-2022-42904
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html | Release Notes, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-42904",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-10-13T00:00:00",
"dateUpdated": "2024-08-03T13:19:05.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-42904\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-11-18T21:15:11.563\",\"lastModified\":\"2024-11-21T07:25:34.440\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.\"},{\"lang\":\"es\",\"value\":\"Zoho ManageEngine ADManager Plus hasta 7151 permite a los usuarios administradores autenticados ejecutar los comandos en la configuraci\u00f3n del proxy.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1\",\"matchCriteriaId\":\"B9D72627-17F9-427E-907B-56EA0A498131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6D57E0-63FB-4ED2-8F7A-D882EB4925BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*\",\"matchCriteriaId\":\"736740CB-A328-4163-BAC4-6C881A24C8B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B806083-7309-4215-AF81-DCC4D90B7876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*\",\"matchCriteriaId\":\"A741CDA8-D1A8-4F83-AE54-7D3D3C433825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*\",\"matchCriteriaId\":\"09563D6F-690B-4C7A-BA25-52D009724A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*\",\"matchCriteriaId\":\"30FAC23B-831E-4904-AB3B-85A3C068CEB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*\",\"matchCriteriaId\":\"9347D3CF-B5D1-4ACE-83E1-73748EF15120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*\",\"matchCriteriaId\":\"322E0562-4586-4DF4-A935-C2447883495B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB9151D6-BD21-4268-9371-FF702C1AD84B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*\",\"matchCriteriaId\":\"B371E93E-7C85-42DD-AA7F-9B43D8D02963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*\",\"matchCriteriaId\":\"094EEFA4-BD16-4F79-8133-62F9E2C8C675\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC5A6297-98E3-45C8-95FB-7F4E65D133BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C96678-34B7-4FCE-9DBD-1A7B3E0943BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E9B9E88-919F-4CF7-99DC-72E50BDF65A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*\",\"matchCriteriaId\":\"7848B31C-AB51-486B-8655-7D7A060BAFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CFB5C4A-B717-4CC2-AE03-336C63D17B96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*\",\"matchCriteriaId\":\"456D49D7-F04D-4003-B429-8D5504959D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB788440-904B-430E-BF5B-12ADA816477E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*\",\"matchCriteriaId\":\"876CC4D6-9546-4D39-965A-EF5A4AF4AD93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*\",\"matchCriteriaId\":\"85432FE8-946F-448D-A92A-FF549EDC52F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*\",\"matchCriteriaId\":\"813E1389-A949-427C-92C6-3974702FEA5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7131:*:*:*:*:*:*\",\"matchCriteriaId\":\"34A48841-EA09-4917-A6FF-DF645B581426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7140:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C042646-9D36-4712-9E5D-40E55FCF7C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7141:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E6CD67A-7F5A-4F29-B563-7E4D72A1149F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7150:*:*:*:*:*:*\",\"matchCriteriaId\":\"77A0C792-A8B7-48F8-9AD7-96B0CBAD4EBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7151:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E53B3CB-4351-4E24-B80C-D62CC483D4D7\"}]}]}],\"references\":[{\"url\":\"https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2022-42904.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.