fkie_cve-2023-23076
Vulnerability from fkie_nvd
Published
2023-02-01 20:15
Modified
2024-11-21 07:45
Severity ?
Summary
OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3AE43EA7-9AA1-4EA7-8840-22BD543A093C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11001:*:*:*:*:*:*",
"matchCriteriaId": "846EA6AB-9588-4D9F-AEBD-83B018BE7362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11002:*:*:*:*:*:*",
"matchCriteriaId": "BDD540F2-C964-40DE-91AB-DE726AAA82A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11003:*:*:*:*:*:*",
"matchCriteriaId": "AB196A6F-FBD8-4573-B1B2-BE2B06BD1AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11004:*:*:*:*:*:*",
"matchCriteriaId": "685783DB-DD06-4D9C-9E83-63449D5B60D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11005:*:*:*:*:*:*",
"matchCriteriaId": "C371F2CD-A1F8-4EC7-8096-D61DEA337D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11006:*:*:*:*:*:*",
"matchCriteriaId": "B980A72F-53E2-4FC1-AA25-743AE8650641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11007:*:*:*:*:*:*",
"matchCriteriaId": "68289AE6-F348-401A-BE49-08889492B23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11008:*:*:*:*:*:*",
"matchCriteriaId": "A0667DC3-8315-4F2B-BAB7-D1F1CA476D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11009:*:*:*:*:*:*",
"matchCriteriaId": "34C768E0-FF5B-413D-87B2-9D09F28F95DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11010:*:*:*:*:*:*",
"matchCriteriaId": "5570C5A9-A79B-48CF-B95D-3513F7B9BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11011:*:*:*:*:*:*",
"matchCriteriaId": "B77031F5-E097-4549-BF5E-1D0718AB52B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11012:*:*:*:*:*:*",
"matchCriteriaId": "5A9C0879-8AE5-4E6E-998C-E79FC418C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11013:*:*:*:*:*:*",
"matchCriteriaId": "3F1F21D7-08E8-4637-903B-4277399C0BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11014:*:*:*:*:*:*",
"matchCriteriaId": "97920D1C-62BA-4B10-9912-C2ED1C1B0313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11015:*:*:*:*:*:*",
"matchCriteriaId": "023C6278-1FF9-4E79-8D95-32BE71701D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11016:*:*:*:*:*:*",
"matchCriteriaId": "34EFB9EF-269E-4A72-8357-2A54E8B78C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11017:*:*:*:*:*:*",
"matchCriteriaId": "35366F60-D6E2-4B29-B593-D24079CE6831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11018:*:*:*:*:*:*",
"matchCriteriaId": "CB60E016-82DD-41EC-85F9-D4F37AF1F8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11019:*:*:*:*:*:*",
"matchCriteriaId": "9B83E37C-B1F6-4CEB-8A8E-39E24BE8B59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11020:*:*:*:*:*:*",
"matchCriteriaId": "80B62BA0-2CF1-4828-99A9-7DD13CFCB9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11021:*:*:*:*:*:*",
"matchCriteriaId": "7F529DB6-4D30-49F8-BFE2-C10C1A899917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11022:*:*:*:*:*:*",
"matchCriteriaId": "4EA25296-8163-4C98-A8CD-35834240308E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11024:*:*:*:*:*:*",
"matchCriteriaId": "33D51403-A976-4EA3-AA23-C699E03239E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11025:*:*:*:*:*:*",
"matchCriteriaId": "D86A2E8A-1689-4E6E-B50B-E16CBCEB0C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11026:*:*:*:*:*:*",
"matchCriteriaId": "C83DD7D3-C3AF-4E56-B38E-B1C5F3EABCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11027:*:*:*:*:*:*",
"matchCriteriaId": "A940CD15-8270-4935-9C46-9684E7735C99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules."
}
],
"id": "CVE-2023-23076",
"lastModified": "2024-11-21T07:45:50.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-01T20:15:11.893",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006459751?tab=originator"
},
{
"source": "cve@mitre.org",
"url": "https://www.manageengine.com/products/support-center/CVE-2023-23076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006459751?tab=originator"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.manageengine.com/products/support-center/CVE-2023-23076.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.