CVE-2023-31492
Published 2023-08-17
Priority: P3 · 46 · medium · 6.5 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 5.31% (91.6th percentile)
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | forticlient | — | — |
| fortinet | forticlientmac | — | — |
| zohocorp | manageengine_admanager_plus | < 7.1 | 7.1 |
| zohocorp | manageengine_admanager_plus | — | — |
GHSA
GHSA-jrp3-72m5-5jpj (ghsa_unreviewed · 2023-08-18): CVE-2023-31492 [MEDIUM], CWE-522
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated attackers to view user passwords after executing backup or recovery operations on user accounts.
Fortinet
FG-IR-23-345 (vendor_fortinet · 2024-04-10 · CVSS 8.2): CVE-2023-45588 [HIGH], CWE-73
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.
CVEs: CVE-2023-45588, CVE-2024-31492
CWEs: CWE-73
CVSS: 8.2 (high)
Affected products: FortiClient, FortiClientMac
Note: the CVE identifiers listed for this Fortinet advisory are CVE-2023-45588 and CVE-2024-31492; CVE-2023-31492 is not among them.
No detection rules found.
No writeups or analysis indexed.
References:
- http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html
- https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md
- https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-31492.html