Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-29457

CWE-522 — Insufficiently Protected Credentials4 documents4 sources

Severity

8.8HIGH

EPSS

8.3%

top 7.77%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Zohocorp Manageengine Adaudit Plus Zohocorp Manageengine Admanager Plus Zohocorp Manageengine Adselfservice Plus +1 more

Timeline

PublishedApr 18

Latest updateMay 11

Description

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶NVDzohocorp/manageengine_exchange_reporter_plus< 5.7+1

▶NVDzohocorp/manageengine_adaudit_plus< 7.0.0+1

▶NVDzohocorp/manageengine_admanager_plus< 7.1+1

▶NVDzohocorp/manageengine_adselfservice_plus< 6.1+1

Patches

Patch: docs.unsafe-inline.com ↗Patch: docs.unsafe-inline.com ↗

🔴Vulnerability Details

GHSA

GHSA-gjvq-53x4-jvx9: Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure dur↗2022-04-19

▶

CVEList

CVE-2022-29457: Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure dur↗2022-04-18

▶

💥Exploits & PoCs

Exploit-DB

ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure↗2022-05-11

▶