CVE-2022-43473
published 2023-03-30CVE-2022-43473: A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can…
PriorityP339medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
EPSS
19.81%
97.1th percentile
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve
a malicious XML payload to trigger this vulnerability.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| manageengine | opmanager | — | — |
| zohocorp | manageengine_opmanager | < 12.6 | 12.6 |
| zohocorp | manageengine_opmanager | — | — |
| zohocorp | manageengine_opmanager_msp | < 12.6 | 12.6 |
| zohocorp | manageengine_opmanager_msp | — | — |
| zohocorp | manageengine_opmanager_plus | < 12.6 | 12.6 |
| zohocorp | manageengine_opmanager_plus | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
blogs_talos·2023-03-30·CVSS 5.8
[MEDIUM] Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
## Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered a vulnerability in ManageEngine OpManager that could lead to an XML external entity (XXE) attack.
OpManager is network monitoring software that allows users to track and manage the performance of connected routers, switches, firewalls, servers, VMs and more. A vulnerability ( TALOS-2022-1685 /CVE-2022-43473) exists when the user attempts to add a unified computing system (UCS) to the software.
An attacker could exploit this vulnerability by providing a specially crafted, malicious XML file at an exact point during that connection process to allow them to carry out an XXE attack. XXE attacks allow
Talos
Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
blogs_talos·2023-03-30·CVSS 5.8
CVE-2022-43473 [MEDIUM] Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered a vulnerability in ManageEngine OpManager that could lead to an XML external entity (XXE) attack.
OpManager is network monitoring software that allows users to track and manage the performance of connected routers, switches, firewalls, servers, VMs and more. A vulnerability (TALOS-2022-1685/CVE-2022-43473) exists when the user attempts to add a unified computing system (UCS) to the software.
An attacker could exploit this vulnerability by providing a specially crafted, malicious XML file at an exact point during that connection process to allow them to carry out an XXE attack. XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.
Cisco
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685https://www.manageengine.com/itom/advisory/cve-2022-43473.htmlhttps://talosintelligence.com/vulnerability_reports/TALOS-2022-1685https://www.manageengine.com/itom/advisory/cve-2022-43473.htmlhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1685
2023-03-30
Published