fkie_cve-2023-31099
Vulnerability from fkie_nvd
Published
2023-05-04 02:15
Modified
2025-01-29 20:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30BF0F86-635A-4637-A5F9-9FA122845610",
"versionEndExcluding": "12.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "31498701-6732-40E4-8F3D-55EE8A77D61B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126004:*:*:*:*:*:*",
"matchCriteriaId": "B740E757-147B-4DEB-89C5-59EB9FFBD6BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126005:*:*:*:*:*:*",
"matchCriteriaId": "BE1CA16B-558F-426A-B87B-23D47681F1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "356504E5-BE0A-4F54-8713-AC9EA29D189C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126107:*:*:*:*:*:*",
"matchCriteriaId": "DBDA89CD-3D30-488F-9EE6-92E84507B95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126108:*:*:*:*:*:*",
"matchCriteriaId": "A535E330-A6ED-4E51-A3C0-5A6D04B024C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126109:*:*:*:*:*:*",
"matchCriteriaId": "A231F874-62DD-4BAC-B115-CD6D61F23873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126110:*:*:*:*:*:*",
"matchCriteriaId": "2E6C0DE1-8B37-496C-90AF-38C0B189150E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*",
"matchCriteriaId": "B621572C-448C-43C4-AF8E-EEBCFADF3630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "AAAF3692-3979-494B-831A-D8BFE127A6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126120:*:*:*:*:*:*",
"matchCriteriaId": "EE7B18B3-87AD-4960-8FBE-D90BE5FF6776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126121:*:*:*:*:*:*",
"matchCriteriaId": "79F88190-237F-4D39-B70E-FC0CBCE65DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126122:*:*:*:*:*:*",
"matchCriteriaId": "3C6640CC-4BF7-4D7E-A128-0F36CC0DD3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126130:*:*:*:*:*:*",
"matchCriteriaId": "CA2D7B9C-AE06-4A1C-8C88-FDAD9AADF73B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126131:*:*:*:*:*:*",
"matchCriteriaId": "014DEAE0-EB0F-43BB-A922-5ED346E774A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126132:*:*:*:*:*:*",
"matchCriteriaId": "3D63BDBE-E10F-4E57-8F26-C6D31A6CAB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126134:*:*:*:*:*:*",
"matchCriteriaId": "614916D2-74A2-45F5-BF8D-E0FD8F0000B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126135:*:*:*:*:*:*",
"matchCriteriaId": "B0C9C18E-C143-46AF-8126-FB0A71E4E4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126136:*:*:*:*:*:*",
"matchCriteriaId": "5B93668B-4988-424B-BB81-6A18355F8624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126139:*:*:*:*:*:*",
"matchCriteriaId": "56EB1279-627C-43E1-80D7-A09BF047757E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126141:*:*:*:*:*:*",
"matchCriteriaId": "F06D655C-29AC-4FDB-B22F-148743C469F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126147:*:*:*:*:*:*",
"matchCriteriaId": "D2790B5B-F0F4-4B3B-8747-34685D988024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126148:*:*:*:*:*:*",
"matchCriteriaId": "BD572C9F-3B99-4A1D-AC18-AF7163F06FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126149:*:*:*:*:*:*",
"matchCriteriaId": "AA0872FB-4491-45BA-9429-BEBDB7AA4B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126150:*:*:*:*:*:*",
"matchCriteriaId": "1940E42F-0F5D-4262-888F-FD23830E73ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126151:*:*:*:*:*:*",
"matchCriteriaId": "F3251E9C-8E78-464F-991C-3966B3E2E36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126154:*:*:*:*:*:*",
"matchCriteriaId": "6428F23E-AFC0-47F8-9059-655D2FF5AF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126155:*:*:*:*:*:*",
"matchCriteriaId": "33577344-B3FC-4E14-8C76-C5A542FF5598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126162:*:*:*:*:*:*",
"matchCriteriaId": "5BECCAD7-9F39-4849-8327-96BA17414418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126163:*:*:*:*:*:*",
"matchCriteriaId": "3B4472BF-9646-4575-A440-8A11B7C5C090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126164:*:*:*:*:*:*",
"matchCriteriaId": "89A06D36-31CE-43DD-9E55-EFC78FA1D252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126165:*:*:*:*:*:*",
"matchCriteriaId": "17154C40-0DBC-405F-B68E-76672F28A700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126166:*:*:*:*:*:*",
"matchCriteriaId": "FAC1EB6D-CEA0-4B98-B988-448FB844B488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126167:*:*:*:*:*:*",
"matchCriteriaId": "7ECC8CA3-28B8-48BC-944E-0F9503382C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126168:*:*:*:*:*:*",
"matchCriteriaId": "4F2863D4-D448-4843-9B99-1442A0A3C2FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126169:*:*:*:*:*:*",
"matchCriteriaId": "5006325E-308B-4E08-95F5-15B9412A2BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126262:*:*:*:*:*:*",
"matchCriteriaId": "99CA6453-8D99-41A8-AF04-6FB2FCA0A4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126264:*:*:*:*:*:*",
"matchCriteriaId": "435229C9-FC8B-4C93-ABFE-C98518B60FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126275:*:*:*:*:*:*",
"matchCriteriaId": "1DD61A2F-88D7-45A0-9319-47192344EA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126276:*:*:*:*:*:*",
"matchCriteriaId": "DC4B331D-1FCA-4BD2-A630-6FBCC48B3599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126277:*:*:*:*:*:*",
"matchCriteriaId": "28B7BD39-A958-4C25-BECB-BEB94A83F553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126278:*:*:*:*:*:*",
"matchCriteriaId": "DE818DF8-FA7E-4B61-85A1-6D06CF1C2382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126279:*:*:*:*:*:*",
"matchCriteriaId": "FF4B34EF-B68F-4EAB-8CB3-90E83AA1CAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126280:*:*:*:*:*:*",
"matchCriteriaId": "CA19FF74-8725-4144-8AC9-07C770CE1ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126283:*:*:*:*:*:*",
"matchCriteriaId": "C22463C3-B9BA-4A21-BB66-23903AFDB56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126284:*:*:*:*:*:*",
"matchCriteriaId": "D4D9EA3A-5FC5-43E6-8B29-2B62549617D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126285:*:*:*:*:*:*",
"matchCriteriaId": "2D5A86EC-53FD-4F85-BAB8-3F89880AD59E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126290:*:*:*:*:*:*",
"matchCriteriaId": "0420517B-9660-458B-83A6-F08889A07F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126293:*:*:*:*:*:*",
"matchCriteriaId": "93E003DB-D44B-4278-931D-A0321DABE732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126294:*:*:*:*:*:*",
"matchCriteriaId": "6051DD96-3EB1-4C54-94B4-7D6D19DDFC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126295:*:*:*:*:*:*",
"matchCriteriaId": "F08902C5-6C2F-4791-BBB7-57BE3C6704B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126306:*:*:*:*:*:*",
"matchCriteriaId": "DED80530-0627-487E-96C5-A6BE3EDFB925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126308:*:*:*:*:*:*",
"matchCriteriaId": "1E6CB40F-CA89-4C99-8E14-0209F5F889EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126310:*:*:*:*:*:*",
"matchCriteriaId": "7FDF215D-73B3-41E9-86FB-01B3A6EA1AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126311:*:*:*:*:*:*",
"matchCriteriaId": "DEB0DC3F-E57F-4E69-AA89-B8502C010404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126322:*:*:*:*:*:*",
"matchCriteriaId": "1D34DF7D-F85F-4209-92ED-9E165E9C37F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126323:*:*:*:*:*:*",
"matchCriteriaId": "3FBF6438-3A78-4527-9CE2-BAB5F91FF3FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers."
}
],
"id": "CVE-2023-31099",
"lastModified": "2025-01-29T20:15:33.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-04T02:15:19.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://manageengine.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/network-monitoring/security-updates/cve-2023-31099.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://manageengine.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/network-monitoring/security-updates/cve-2023-31099.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.