mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
228 lines
9.0 KiB
JSON
228 lines
9.0 KiB
JSON
{
|
|
"id": "CVE-2023-48646",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-11-22T18:15:09.670",
|
|
"lastModified": "2024-11-21T08:32:10.810",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Zoho ManageEngine RecoveryManager Plus anterior a 6070 permite a los usuarios administradores ejecutar comandos arbitrarios a trav\u00e9s de configuraciones de proxy."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 7.2,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.2,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "6.0",
|
|
"matchCriteriaId": "658DC76D-E0FE-40FA-B966-6DA6ED531FCD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6001:*:*:*:*:*:*",
|
|
"matchCriteriaId": "948993BE-7B9E-4CCB-A97F-28B46DFE52A6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6003:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9F8D6CDF-1BD5-4457-94AA-CFCC351F55A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6005:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E54CE38D-C9CA-4CC1-B3BC-83F593A576D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6011:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4C8B3F77-7886-4F80-B75A-59063C762307"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6016:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ADCB6ADF-5B04-4682-B541-4BC8BB5762DC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6017:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A708628C-31E8-4A52-AEF7-297E2DDFA0C8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6020:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A8A01385-A493-42C0-ABBE-6A30C8594F8B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6025:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7A6CA95-9572-4FCA-ADD2-A5F4D8C2216B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6026:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6865936-A773-4353-8891-8269508B2180"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6030:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9CAD778E-8FDB-4CE2-A593-75EEA75F6361"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6031:*:*:*:*:*:*",
|
|
"matchCriteriaId": "52A9BA64-A248-4490-BDA7-671D64C0B3CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6032:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFF0A7E8-888B-4CBE-B799-16557244DDF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6041:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B480202-7632-4CFA-A485-DDFF1D1DB757"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6042:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AB9B0721-49FD-49E7-97E4-E4E3EBF64856"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6043:*:*:*:*:*:*",
|
|
"matchCriteriaId": "874F5DDD-EA8D-4C1E-824A-321C52959649"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6044:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8CAA4713-DA95-46AC-AFA5-9D22F8819B06"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6047:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9D4BB2E-D0D0-4058-88C9-3E73A793A85B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6049:*:*:*:*:*:*",
|
|
"matchCriteriaId": "832AAAAF-5C34-4DDF-96A4-080002F9BC6A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6050:*:*:*:*:*:*",
|
|
"matchCriteriaId": "29ED63C4-FB06-41AC-ABCD-63B3233658A8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6051:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6EEA1BA5-F6A7-4BE0-8E77-993FB9E5CC91"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6053:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C21AC8A-8358-46BE-A0C6-7CDEF1E73904"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6054:*:*:*:*:*:*",
|
|
"matchCriteriaId": "51400F37-6310-44A3-A683-068DF64D20F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6056:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3F43DBF-CD65-47D0-8CEE-D5EE8337188B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6057:*:*:*:*:*:*",
|
|
"matchCriteriaId": "78CB8751-856A-41AC-904A-70FA1E15A946"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6058:*:*:*:*:*:*",
|
|
"matchCriteriaId": "72B7E27E-1443-46DC-8389-FBD337E612F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6060:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F9BB1077-C1F5-4368-9930-8E7424E7EB98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6061:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE307CE4-574D-4FF7-BED6-5BBECF886578"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6062:*:*:*:*:*:*",
|
|
"matchCriteriaId": "49E40C74-7077-4366-82A7-52B454725B3A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.manageengine.com/ad-recovery-manager/advisory/CVE-2023-48646.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.manageengine.com/ad-recovery-manager/advisory/CVE-2023-48646.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |