CVE-2023-38332
3 documents3 sources
Severity
6.5MEDIUM
EPSS
1.9%
top 16.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 4
Description
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
2CVEList▶
CVE-2023-38332: Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure↗2023-08-04
GHSA▶
GHSA-3q3p-mhr4-4m53: Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure↗2023-08-04