Search criteria

18 vulnerabilities found for manageengine_opmanager_msp by zohocorp

FKIE_CVE-2024-5466

Vulnerability from fkie_nvd - Published: 2024-08-23 14:15 - Updated: 2024-12-19 20:21
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
References
0fc0942c-577d-436f-ae8e-945763c79b02https://www.manageengine.com/itom/advisory/cve-2024-5466.htmlVendor Advisory
Impacted products
Vendor Product Version
zohocorp manageengine_opmanager *
zohocorp manageengine_opmanager 12.8
zohocorp manageengine_opmanager 12.8
zohocorp manageengine_opmanager 12.8
zohocorp manageengine_opmanager 12.8
zohocorp manageengine_opmanager 12.8
zohocorp manageengine_opmanager_msp *
zohocorp manageengine_opmanager_msp 12.8
zohocorp manageengine_opmanager_msp 12.8
zohocorp manageengine_opmanager_msp 12.8
zohocorp manageengine_opmanager_msp 12.8
zohocorp manageengine_opmanager_msp 12.8
zohocorp manageengine_opmanager_plus *
zohocorp manageengine_opmanager_plus 12.8
zohocorp manageengine_opmanager_plus 12.8
zohocorp manageengine_opmanager_plus 12.8
zohocorp manageengine_opmanager_plus 12.8
zohocorp manageengine_opmanager_plus 12.8
zohocorp manageengine_remote_monitoring_and_management_central -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36BBC867-6304-4D20-B700-AF90A6E9AD92",
              "versionEndIncluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.8:build128102:*:*:*:*:*:*",
              "matchCriteriaId": "EFEEB6AC-CE71-4F6A-BF9A-745AE8AA659B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.8:build128103:*:*:*:*:*:*",
              "matchCriteriaId": "6E4D7FF9-8DBC-472A-B9E7-3190E4EDFE07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.8:build128104:*:*:*:*:*:*",
              "matchCriteriaId": "8333DEF5-F041-496D-9762-CF7CB86CB730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.8:build128186:*:*:*:*:*:*",
              "matchCriteriaId": "04C88F59-5059-4FF5-A9A7-B4539418003C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.8:build128187:*:*:*:*:*:*",
              "matchCriteriaId": "7E824E22-6F35-4B19-98B6-E2D7295D3B88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB1F9C1-FB50-451E-B2D1-D907F1A36276",
              "versionEndIncluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.8:build128102:*:*:*:*:*:*",
              "matchCriteriaId": "E611698E-49FD-48FA-8B23-32C4D3F655E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.8:build128103:*:*:*:*:*:*",
              "matchCriteriaId": "54F928AD-C6AD-4CCC-8ACF-3DE93EB6DD13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.8:build128104:*:*:*:*:*:*",
              "matchCriteriaId": "E73E5594-3491-4373-806C-A0E8335F4E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.8:build128186:*:*:*:*:*:*",
              "matchCriteriaId": "BA04AF9C-D59B-4CE0-82F6-65621E2C0058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.8:build128187:*:*:*:*:*:*",
              "matchCriteriaId": "50067B64-1E4D-4A4E-BAE0-7940FC025C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A855895-5EEC-406D-B3ED-7BF3318368F0",
              "versionEndIncluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128102:*:*:*:*:*:*",
              "matchCriteriaId": "E4538191-BBDC-4E82-9C4B-A00E9D845CDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128103:*:*:*:*:*:*",
              "matchCriteriaId": "0E6D15B3-EF3D-4278-9231-9D4B3292EC84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128104:*:*:*:*:*:*",
              "matchCriteriaId": "E307E12D-316E-481E-A9BC-CF91FF4FE15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128186:*:*:*:*:*:*",
              "matchCriteriaId": "750D9A65-423C-48B1-9DC6-2C75AD115535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128187:*:*:*:*:*:*",
              "matchCriteriaId": "17A772EF-75E0-43DB-95B8-6D1A00C76101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_remote_monitoring_and_management_central:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1704E80-F82B-4205-94B3-0EC5F6C78415",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zohocorp ManageEngine OpManager and\u00a0Remote Monitoring and Management versions\u00a0128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option."
    },
    {
      "lang": "es",
      "value": "Zohocorp ManageEngine OpManager y Remote Monitoring and Management versiones 128329 e inferiores son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo autenticado en la opci\u00f3n de implementaci\u00f3n del agente."
    }
  ],
  "id": "CVE-2024-5466",
  "lastModified": "2024-12-19T20:21:12.243",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-23T14:15:11.073",
  "references": [
    {
      "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2024-5466.html"
    }
  ],
  "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2023-47211

Vulnerability from fkie_nvd - Published: 2024-01-08 15:15 - Updated: 2025-11-04 19:16
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
References
talos-cna@cisco.comhttps://talosintelligence.com/vulnerability_reports/TALOS-2023-1851Exploit, Third Party Advisory
talos-cna@cisco.comhttps://www.manageengine.com/itom/advisory/cve-2023-47211.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2023-47211.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1851
Impacted products
Vendor Product Version
zohocorp manageengine_firewall_analyzer *
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_firewall_analyzer 12.7
zohocorp manageengine_netflow_analyzer *
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_netflow_analyzer 12.7
zohocorp manageengine_network_configuration_manager *
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_network_configuration_manager 12.7
zohocorp manageengine_opmanager *
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager 12.7
zohocorp manageengine_opmanager_msp *
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_msp 12.7
zohocorp manageengine_opmanager_plus *
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_opmanager_plus 12.7
zohocorp manageengine_oputils *
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
zohocorp manageengine_oputils 12.7
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "50FB7952-0CED-4A64-A435-D588CA661630",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127000:*:*:*:*:*:*",
              "matchCriteriaId": "8343B084-2009-44F2-B36C-C66719BBB1FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127101:*:*:*:*:*:*",
              "matchCriteriaId": "2574DD71-36A4-47AE-ABC3-D05D36FF8F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127130:*:*:*:*:*:*",
              "matchCriteriaId": "B9D787C9-F37B-4193-A34F-080F7410BFA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127131:*:*:*:*:*:*",
              "matchCriteriaId": "55FB4705-D709-42F0-A562-6C5A05E00EAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127187:*:*:*:*:*:*",
              "matchCriteriaId": "4503E624-DC7F-4C5E-B715-0EC4676CA1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127244:*:*:*:*:*:*",
              "matchCriteriaId": "BAD9E275-CCBA-4A25-A91D-2CC9D1547B74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127257:*:*:*:*:*:*",
              "matchCriteriaId": "F50149D0-8105-49EE-9F0D-CFD67B0F64C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "E0DECCD8-2E8C-4288-8CB5-10C117D83112",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9222E54C-0A7C-4828-9917-7CFD7EE8BC59",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127000:*:*:*:*:*:*",
              "matchCriteriaId": "85778DB3-87D9-4C6A-9149-C58C45913268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127003:*:*:*:*:*:*",
              "matchCriteriaId": "3973EC75-A70A-475A-82BB-409992F09392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127101:*:*:*:*:*:*",
              "matchCriteriaId": "14537D55-3ABE-423C-B320-6811292620AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127130:*:*:*:*:*:*",
              "matchCriteriaId": "FCB0BDE0-5BD3-4315-A74B-D7065ABC91BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127131:*:*:*:*:*:*",
              "matchCriteriaId": "3E850CF4-9078-4E43-A87C-8323536E8CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127187:*:*:*:*:*:*",
              "matchCriteriaId": "EC407852-45B1-47F4-A886-AF8B473A86D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127244:*:*:*:*:*:*",
              "matchCriteriaId": "F528288A-7CC9-436C-9899-E4F343F83BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127255:*:*:*:*:*:*",
              "matchCriteriaId": "2C6E7D8F-8EF4-4FEF-BE87-82CFDD22DE2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127257:*:*:*:*:*:*",
              "matchCriteriaId": "0BC6EA7D-E39F-4FE6-960D-BA6B85F81A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "BE0BFAB9-E3F3-493E-B2D3-FA9BE69C0A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6628EB7-96F6-48E3-8018-8F569972B811",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127000:*:*:*:*:*:*",
              "matchCriteriaId": "B64ADEEB-502D-4588-BD80-156124437AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127102:*:*:*:*:*:*",
              "matchCriteriaId": "2306C5F3-5413-4240-BAB6-E55849063A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127105:*:*:*:*:*:*",
              "matchCriteriaId": "87F97A9E-2AB3-4121-B5A7-0AA25780D336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127132:*:*:*:*:*:*",
              "matchCriteriaId": "AD049643-9546-4D39-BD26-79661205C110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127243:*:*:*:*:*:*",
              "matchCriteriaId": "EC810ED9-125E-41CA-B0BD-16BBF1726C3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127257:*:*:*:*:*:*",
              "matchCriteriaId": "97B71808-B280-4BDC-819F-B80156A77CA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "F5458B6F-1D90-4563-A783-93480FB628DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A02A7E-02A8-4B74-AA9F-3DA0492748EF",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127000:*:*:*:*:*:*",
              "matchCriteriaId": "24B04D73-0C55-49A8-B599-27C8C04948C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127001:*:*:*:*:*:*",
              "matchCriteriaId": "97E74846-1666-4773-910D-77E0E19A7FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127002:*:*:*:*:*:*",
              "matchCriteriaId": "BB90B809-9D97-469F-B8F6-41B4AEAA2D3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127003:*:*:*:*:*:*",
              "matchCriteriaId": "423C8618-9F3B-4B83-902C-FF01027EC54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127004:*:*:*:*:*:*",
              "matchCriteriaId": "7E974B56-7A00-4582-AF8B-0D09B94477BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127100:*:*:*:*:*:*",
              "matchCriteriaId": "7B6F8404-F624-41AA-BE8D-170D843EC290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127101:*:*:*:*:*:*",
              "matchCriteriaId": "D0FF81E5-2134-4F45-9B39-2E3D5208BB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127102:*:*:*:*:*:*",
              "matchCriteriaId": "0D5DA95F-7C0F-4D05-BD35-DED356D01692",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127103:*:*:*:*:*:*",
              "matchCriteriaId": "2B3A3EC3-DF7C-41A6-884C-C7C13D41B61E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127104:*:*:*:*:*:*",
              "matchCriteriaId": "89EE3E31-8F55-4E44-8522-A32D6887AE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127109:*:*:*:*:*:*",
              "matchCriteriaId": "979ED7B4-FAE3-4E98-A303-290E498FFD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127116:*:*:*:*:*:*",
              "matchCriteriaId": "EDC62E2F-AB97-4008-A52B-9CDC341A06BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127117:*:*:*:*:*:*",
              "matchCriteriaId": "93DF7023-22AE-4A84-8734-06239013C10C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127118:*:*:*:*:*:*",
              "matchCriteriaId": "2A128BED-75FA-42F1-9171-CBAEAA2366A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127119:*:*:*:*:*:*",
              "matchCriteriaId": "5298BB50-8E22-490A-87C7-7F40B7F8F7C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127120:*:*:*:*:*:*",
              "matchCriteriaId": "39C34F02-E413-4067-B958-86ADF89FA3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127122:*:*:*:*:*:*",
              "matchCriteriaId": "A0673E69-A2DB-424C-BBF0-79D729230F1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127123:*:*:*:*:*:*",
              "matchCriteriaId": "4F062A20-6FFE-479B-9E64-E4771490B041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127131:*:*:*:*:*:*",
              "matchCriteriaId": "C598244E-7483-4762-AC27-BD8036FEFE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127133:*:*:*:*:*:*",
              "matchCriteriaId": "B188A792-EF1A-4292-BD91-47635706C430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127134:*:*:*:*:*:*",
              "matchCriteriaId": "BEFACD7A-D81B-4EDC-9E38-FD93FA0DE456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127136:*:*:*:*:*:*",
              "matchCriteriaId": "DF818138-079A-43BE-A8B5-5DA47FA443AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127138:*:*:*:*:*:*",
              "matchCriteriaId": "27066A8F-75C4-42BF-A54B-543114B92995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127140:*:*:*:*:*:*",
              "matchCriteriaId": "A239C6F8-3FC0-4510-B33F-14B25908E68F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127141:*:*:*:*:*:*",
              "matchCriteriaId": "E8399E84-1344-4472-91F3-F63255911876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127185:*:*:*:*:*:*",
              "matchCriteriaId": "8888C77E-04A7-4C34-B497-504F6217E07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127186:*:*:*:*:*:*",
              "matchCriteriaId": "7502D92A-3B51-4A76-88D6-E2D76A584075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127187:*:*:*:*:*:*",
              "matchCriteriaId": "7E465A5F-C8B0-4AD0-8D6D-4823C5F8153D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127188:*:*:*:*:*:*",
              "matchCriteriaId": "DBA622D6-CD85-4F0F-8CC3-39FE29754039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127189:*:*:*:*:*:*",
              "matchCriteriaId": "A0D2828B-B897-4F1D-B657-436DB3CAC2FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127191:*:*:*:*:*:*",
              "matchCriteriaId": "98279B6E-8361-45CA-8912-F06972F4BD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127240:*:*:*:*:*:*",
              "matchCriteriaId": "A7D879C8-E89F-45C1-9609-80B737080AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127241:*:*:*:*:*:*",
              "matchCriteriaId": "3D8FD2DE-18D9-4F50-9256-672435059876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127242:*:*:*:*:*:*",
              "matchCriteriaId": "F01FEA58-BE5B-4CEC-831D-3BF05A20688D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127243:*:*:*:*:*:*",
              "matchCriteriaId": "FFD06A39-E943-41B5-B00B-168A6D919C80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127255:*:*:*:*:*:*",
              "matchCriteriaId": "49469309-8B9B-4BF1-B80A-226F975FC47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127256:*:*:*:*:*:*",
              "matchCriteriaId": "C429A23E-3DC0-453F-AAF7-F3237C9C6B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127257:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B72F3-2128-4AF1-A9A3-969D9738A24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127258:*:*:*:*:*:*",
              "matchCriteriaId": "62C3AE7F-3F84-4C59-BBF8-2E82FAFF7E15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "A559F75B-FB71-4926-89FC-AC2718F0273C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4FB8882-46AE-485B-82B5-67BF22DDC12C",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127109:*:*:*:*:*:*",
              "matchCriteriaId": "265DB862-1B39-4B16-9AD9-D8D8190D08D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127122:*:*:*:*:*:*",
              "matchCriteriaId": "5F476D22-0FA8-4128-833F-2F1E3D15615C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127123:*:*:*:*:*:*",
              "matchCriteriaId": "A627EFBE-A429-42B8-A461-A7E1CDBBF796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127138:*:*:*:*:*:*",
              "matchCriteriaId": "622CDD01-6655-4786-AFB0-C1C2F5D5E0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127139:*:*:*:*:*:*",
              "matchCriteriaId": "BDCDF5A9-ACA3-40CE-B163-F8AA7C028A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127140:*:*:*:*:*:*",
              "matchCriteriaId": "5AA4A73B-B9E4-4B69-973E-A2F713037E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127141:*:*:*:*:*:*",
              "matchCriteriaId": "DA91290A-E4E0-412D-B5B7-C220B0F3087B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127142:*:*:*:*:*:*",
              "matchCriteriaId": "0DCF4289-B176-4AEA-8860-9C81F15BFFB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "1CA0315F-27AE-4A5A-A05A-33A876B9C314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7201B73-EB6C-4233-A8BF-CA5EE2DF6C73",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127109:*:*:*:*:*:*",
              "matchCriteriaId": "5AF53EDA-45A9-424F-937A-44C7FF7299F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127122:*:*:*:*:*:*",
              "matchCriteriaId": "C70F7D66-975A-4341-97E7-E6ED80A9F314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127123:*:*:*:*:*:*",
              "matchCriteriaId": "43D72341-8C61-4D07-BBFE-D611B41A511C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127138:*:*:*:*:*:*",
              "matchCriteriaId": "9BC8DCA0-FFC1-4487-8452-E6ED8A9C5A48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127139:*:*:*:*:*:*",
              "matchCriteriaId": "5FEDB823-5D06-4C65-9042-D99982395892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127140:*:*:*:*:*:*",
              "matchCriteriaId": "18EF9B8C-F8DD-455E-BE93-80EB83374084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127141:*:*:*:*:*:*",
              "matchCriteriaId": "89575D64-5969-4C11-8AC1-B48CA97A0558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127142:*:*:*:*:*:*",
              "matchCriteriaId": "E115A1C7-23CF-4E61-BC85-8B0884CE5BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "258C790F-F7FE-4071-BAC2-45AB3D2212FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DA3A9-36FB-4BCA-AEEC-231A2C3127D0",
              "versionEndExcluding": "12.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127101:*:*:*:*:*:*",
              "matchCriteriaId": "0BA30C26-D3D8-447C-BD7A-9BC166C8BF3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127117:*:*:*:*:*:*",
              "matchCriteriaId": "162E0203-17E1-427E-A351-33F75E8FE5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127134:*:*:*:*:*:*",
              "matchCriteriaId": "61FB54BF-7A8F-4EE5-AF42-15E2B69E9DE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127241:*:*:*:*:*:*",
              "matchCriteriaId": "764139C9-FF6A-4BE0-BAF3-52F403C41393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127242:*:*:*:*:*:*",
              "matchCriteriaId": "3D9805F6-1A56-4FBF-8F47-DAA80E4DE9FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127258:*:*:*:*:*:*",
              "matchCriteriaId": "0458F47B-0456-4005-9AB8-8183C3D1EBAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127259:*:*:*:*:*:*",
              "matchCriteriaId": "266773C9-96A6-4588-A781-AE1C34B247D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de directory traversal en la funcionalidad uploadMib de ManageEngine OpManager 12.7.258. Una solicitud HTTP especialmente manipulada puede dar lugar a la creaci\u00f3n de archivos arbitrarios. Un atacante puede enviar un archivo MiB malicioso para desencadenar esta vulnerabilidad."
    }
  ],
  "id": "CVE-2023-47211",
  "lastModified": "2025-11-04T19:16:06.090",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 5.3,
        "source": "talos-cna@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-08T15:15:25.287",
  "references": [
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
    }
  ],
  "sourceIdentifier": "talos-cna@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "talos-cna@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-43473

Vulnerability from fkie_nvd - Published: 2023-03-30 17:15 - Updated: 2024-11-21 07:26
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.
References
talos-cna@cisco.comhttps://talosintelligence.com/vulnerability_reports/TALOS-2022-1685Exploit, Third Party Advisory
talos-cna@cisco.comhttps://www.manageengine.com/itom/advisory/cve-2022-43473.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2022-43473.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1685
Impacted products
Vendor Product Version
zohocorp manageengine_opmanager *
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager_plus *
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_msp *
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30BF0F86-635A-4637-A5F9-9FA122845610",
              "versionEndExcluding": "12.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "31498701-6732-40E4-8F3D-55EE8A77D61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126004:*:*:*:*:*:*",
              "matchCriteriaId": "B740E757-147B-4DEB-89C5-59EB9FFBD6BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126005:*:*:*:*:*:*",
              "matchCriteriaId": "BE1CA16B-558F-426A-B87B-23D47681F1AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "356504E5-BE0A-4F54-8713-AC9EA29D189C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126107:*:*:*:*:*:*",
              "matchCriteriaId": "DBDA89CD-3D30-488F-9EE6-92E84507B95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126108:*:*:*:*:*:*",
              "matchCriteriaId": "A535E330-A6ED-4E51-A3C0-5A6D04B024C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126109:*:*:*:*:*:*",
              "matchCriteriaId": "A231F874-62DD-4BAC-B115-CD6D61F23873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126110:*:*:*:*:*:*",
              "matchCriteriaId": "2E6C0DE1-8B37-496C-90AF-38C0B189150E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*",
              "matchCriteriaId": "B621572C-448C-43C4-AF8E-EEBCFADF3630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "AAAF3692-3979-494B-831A-D8BFE127A6C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126120:*:*:*:*:*:*",
              "matchCriteriaId": "EE7B18B3-87AD-4960-8FBE-D90BE5FF6776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126121:*:*:*:*:*:*",
              "matchCriteriaId": "79F88190-237F-4D39-B70E-FC0CBCE65DE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126122:*:*:*:*:*:*",
              "matchCriteriaId": "3C6640CC-4BF7-4D7E-A128-0F36CC0DD3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126130:*:*:*:*:*:*",
              "matchCriteriaId": "CA2D7B9C-AE06-4A1C-8C88-FDAD9AADF73B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126131:*:*:*:*:*:*",
              "matchCriteriaId": "014DEAE0-EB0F-43BB-A922-5ED346E774A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126132:*:*:*:*:*:*",
              "matchCriteriaId": "3D63BDBE-E10F-4E57-8F26-C6D31A6CAB4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126134:*:*:*:*:*:*",
              "matchCriteriaId": "614916D2-74A2-45F5-BF8D-E0FD8F0000B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126135:*:*:*:*:*:*",
              "matchCriteriaId": "B0C9C18E-C143-46AF-8126-FB0A71E4E4CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126136:*:*:*:*:*:*",
              "matchCriteriaId": "5B93668B-4988-424B-BB81-6A18355F8624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126139:*:*:*:*:*:*",
              "matchCriteriaId": "56EB1279-627C-43E1-80D7-A09BF047757E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126141:*:*:*:*:*:*",
              "matchCriteriaId": "F06D655C-29AC-4FDB-B22F-148743C469F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126147:*:*:*:*:*:*",
              "matchCriteriaId": "D2790B5B-F0F4-4B3B-8747-34685D988024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126148:*:*:*:*:*:*",
              "matchCriteriaId": "BD572C9F-3B99-4A1D-AC18-AF7163F06FA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126149:*:*:*:*:*:*",
              "matchCriteriaId": "AA0872FB-4491-45BA-9429-BEBDB7AA4B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126150:*:*:*:*:*:*",
              "matchCriteriaId": "1940E42F-0F5D-4262-888F-FD23830E73ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126151:*:*:*:*:*:*",
              "matchCriteriaId": "F3251E9C-8E78-464F-991C-3966B3E2E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126154:*:*:*:*:*:*",
              "matchCriteriaId": "6428F23E-AFC0-47F8-9059-655D2FF5AF11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126155:*:*:*:*:*:*",
              "matchCriteriaId": "33577344-B3FC-4E14-8C76-C5A542FF5598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126162:*:*:*:*:*:*",
              "matchCriteriaId": "5BECCAD7-9F39-4849-8327-96BA17414418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126163:*:*:*:*:*:*",
              "matchCriteriaId": "3B4472BF-9646-4575-A440-8A11B7C5C090",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126164:*:*:*:*:*:*",
              "matchCriteriaId": "89A06D36-31CE-43DD-9E55-EFC78FA1D252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126165:*:*:*:*:*:*",
              "matchCriteriaId": "17154C40-0DBC-405F-B68E-76672F28A700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126166:*:*:*:*:*:*",
              "matchCriteriaId": "FAC1EB6D-CEA0-4B98-B988-448FB844B488",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126167:*:*:*:*:*:*",
              "matchCriteriaId": "7ECC8CA3-28B8-48BC-944E-0F9503382C5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126168:*:*:*:*:*:*",
              "matchCriteriaId": "4F2863D4-D448-4843-9B99-1442A0A3C2FA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA7ACDA3-D9A0-4C03-B42A-5DE2517DCB65",
              "versionEndExcluding": "12.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "87907DDD-12AF-435A-A005-893FED115AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "362871E6-BF7C-46D4-8EFE-C87E96C71799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126107:*:*:*:*:*:*",
              "matchCriteriaId": "B352D823-74D2-401A-97A2-8B2A6391545F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "E866F2AE-FB51-4270-A673-B1299C7CD2F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126122:*:*:*:*:*:*",
              "matchCriteriaId": "823014A6-D8F5-430C-A813-373292450006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126139:*:*:*:*:*:*",
              "matchCriteriaId": "E755C6A6-14DA-4AA5-A549-366E4E64F9F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126140:*:*:*:*:*:*",
              "matchCriteriaId": "A7009FB6-8594-4115-BD9B-CC50CE186E30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126141:*:*:*:*:*:*",
              "matchCriteriaId": "1F495163-C813-4CE5-95AE-EAA700AD05DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126154:*:*:*:*:*:*",
              "matchCriteriaId": "4136C288-60F2-455B-8A6B-C602294AFADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126155:*:*:*:*:*:*",
              "matchCriteriaId": "6037DF2D-1B68-45B6-A72C-C0AE37E2F29A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126264:*:*:*:*:*:*",
              "matchCriteriaId": "AAE8929C-4D00-4DCB-8605-82B86AC9CBDD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F74946AD-F68D-474A-8634-DB6CEF999302",
              "versionEndExcluding": "12.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "DEB00990-C73C-4B46-B87D-80E3B5B39302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "34A43740-26B4-4D73-BC53-7D14529BA78B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126107:*:*:*:*:*:*",
              "matchCriteriaId": "037A9312-321F-4A22-B17E-83B6A2BA9BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "8912068D-3412-47E5-A790-0CDB29E05F20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126122:*:*:*:*:*:*",
              "matchCriteriaId": "39C96D52-9AD6-42B8-AE99-3F6C1D520DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126139:*:*:*:*:*:*",
              "matchCriteriaId": "BED90D90-615E-4E7B-9C02-CBE942589BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126140:*:*:*:*:*:*",
              "matchCriteriaId": "30957BC1-C180-405E-A4D4-818F67819C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126141:*:*:*:*:*:*",
              "matchCriteriaId": "DD11A46A-8C7C-4AC0-B353-34C149AF4951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126154:*:*:*:*:*:*",
              "matchCriteriaId": "B598B209-B85F-4968-8C49-B52B9D1D2BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126155:*:*:*:*:*:*",
              "matchCriteriaId": "6AB5E114-0705-41D3-8C40-D0F583180E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126264:*:*:*:*:*:*",
              "matchCriteriaId": "840B07B8-E0BE-4D34-B511-B7C593AFDDD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve \r\na malicious XML payload to trigger this vulnerability."
    }
  ],
  "id": "CVE-2022-43473",
  "lastModified": "2024-11-21T07:26:33.497",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.7,
        "source": "talos-cna@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-30T17:15:06.750",
  "references": [
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
    }
  ],
  "sourceIdentifier": "talos-cna@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "talos-cna@cisco.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-38772

Vulnerability from fkie_nvd - Published: 2022-08-29 21:15 - Updated: 2024-11-21 07:17
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
References
cve@mitre.orghttps://manageengine.comVendor Advisory
cve@mitre.orghttps://www.manageengine.com/itom/advisory/cve-2022-38772.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://manageengine.comVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2022-38772.htmlVendor Advisory
Impacted products
Vendor Product Version
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125459:*:*:*:*:*:*",
              "matchCriteriaId": "A05AFF4D-4EF9-4939-81CC-0AB55DA596F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125464:*:*:*:*:*:*",
              "matchCriteriaId": "86C3E31F-87E2-459F-8D1B-C6D1A237960D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125467:*:*:*:*:*:*",
              "matchCriteriaId": "A3E7FC26-0000-4D4B-B489-DF0E2CD2B13C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125469:*:*:*:*:*:*",
              "matchCriteriaId": "13E6E0F9-9D03-4665-9C89-6BE62ADCB39C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125471:*:*:*:*:*:*",
              "matchCriteriaId": "0DE52003-E959-420F-89A1-C86D8FB12DBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125476:*:*:*:*:*:*",
              "matchCriteriaId": "6E9C9051-7FDE-4DEE-85DC-0798524DC17A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125482:*:*:*:*:*:*",
              "matchCriteriaId": "5BE3598F-CEB4-4553-BB50-AA778BBF8BDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125483:*:*:*:*:*:*",
              "matchCriteriaId": "4C71852D-D529-469A-9111-6D4DB8381BD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125484:*:*:*:*:*:*",
              "matchCriteriaId": "EC3F7DA9-3FBF-4D67-8BA5-2643E706F64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125485:*:*:*:*:*:*",
              "matchCriteriaId": "53E2DF01-9A39-4E50-BEDE-D49988CE5CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125488:*:*:*:*:*:*",
              "matchCriteriaId": "0015664D-11BC-4DEE-BC5B-DB3D1FE8DF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125490:*:*:*:*:*:*",
              "matchCriteriaId": "8B49F887-4574-4B3C-A8A7-57F75B27447F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125557:*:*:*:*:*:*",
              "matchCriteriaId": "C1E93E4D-0E54-41DF-843A-E8AE94EAD0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125566:*:*:*:*:*:*",
              "matchCriteriaId": "1617ADAD-2E13-4910-B600-3EC7E59B087C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125568:*:*:*:*:*:*",
              "matchCriteriaId": "4E7B4955-F688-47DE-B1FF-D417EBDFF9C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125582:*:*:*:*:*:*",
              "matchCriteriaId": "5F982932-5513-411A-9CBF-3082C7ECEF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125584:*:*:*:*:*:*",
              "matchCriteriaId": "0B5378E9-D011-4B12-8DEE-442F22789C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125585:*:*:*:*:*:*",
              "matchCriteriaId": "8232CBA1-55DA-4F3C-A9E5-A204A25231C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125606:*:*:*:*:*:*",
              "matchCriteriaId": "253569A5-4A2E-4163-88DC-C0FE6B79E06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125615:*:*:*:*:*:*",
              "matchCriteriaId": "A30281F3-4DE2-4ED3-91A7-AE7A091C31E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125647:*:*:*:*:*:*",
              "matchCriteriaId": "F76B196B-B5F8-4E84-9BBE-9D45A2FB2A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "F267C53D-6F27-4DFF-BB3C-7B299E07F487",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "954239B1-B0FD-43EA-AAF7-ECB55E395E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126118:*:*:*:*:*:*",
              "matchCriteriaId": "11ACA60F-055A-44F5-8FE2-7FA61AE6F3CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "9EC35E5A-0C46-458C-AF33-5B699B8F5EBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125459:*:*:*:*:*:*",
              "matchCriteriaId": "0C67D5FC-5965-4AC1-80A5-931BE60B5E86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125465:*:*:*:*:*:*",
              "matchCriteriaId": "139E25D9-A4C8-4041-ADF7-4618DFEEE8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125469:*:*:*:*:*:*",
              "matchCriteriaId": "6A65F3F7-45D3-49EB-9784-1F13FA2CBB0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125471:*:*:*:*:*:*",
              "matchCriteriaId": "3795D2DE-622F-4C82-B133-0993A01AC1FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125475:*:*:*:*:*:*",
              "matchCriteriaId": "C0DB9896-BC25-46E3-AA6F-496A442BE525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125482:*:*:*:*:*:*",
              "matchCriteriaId": "CE56A949-74AC-4138-8AD3-31F5763860EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125483:*:*:*:*:*:*",
              "matchCriteriaId": "4A3DB867-FD46-46EB-AEF0-2B6E79371AF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125485:*:*:*:*:*:*",
              "matchCriteriaId": "7881FBB4-AC09-4EB9-B02F-3EA19237E095",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125488:*:*:*:*:*:*",
              "matchCriteriaId": "F391E432-98B8-4D97-8AD4-FB1A84FAF774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125490:*:*:*:*:*:*",
              "matchCriteriaId": "61D908B2-446E-48EC-9F6B-91E8BF0F6A38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125565:*:*:*:*:*:*",
              "matchCriteriaId": "FD5F28B0-580E-4CD4-917A-496D35AD271A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125568:*:*:*:*:*:*",
              "matchCriteriaId": "F0FC96AA-F2F4-4C35-8BF7-6318A2F624A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125583:*:*:*:*:*:*",
              "matchCriteriaId": "6EA008F1-4E47-4753-8506-769B29AB5BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125584:*:*:*:*:*:*",
              "matchCriteriaId": "7ED68CDE-1096-4490-8E6B-78F4AC2BB729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125598:*:*:*:*:*:*",
              "matchCriteriaId": "34F8D9B7-3BD7-44C0-A292-162928729F36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125612:*:*:*:*:*:*",
              "matchCriteriaId": "7446678C-E2DB-4EA2-BC9B-430C8EC7804B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125615:*:*:*:*:*:*",
              "matchCriteriaId": "33C57314-5503-48BD-9ED2-D76517C9C0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125617:*:*:*:*:*:*",
              "matchCriteriaId": "AC201C68-2C1D-4E75-9443-C5F853A37AB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125646:*:*:*:*:*:*",
              "matchCriteriaId": "FBC08E48-51FA-497F-B5EB-349081888402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125650:*:*:*:*:*:*",
              "matchCriteriaId": "FD78483C-8AC8-46B3-A1FB-2DA04468BCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "D1DBA938-81D2-4CF8-B1F2-B71C4B82835D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "187ADAD1-1AEC-447D-8818-C02AE12C4505",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "B09FDE60-23E6-4738-857C-8E4A974BDED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "F7367402-515B-4055-B19F-2FF7699C2C94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126118:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90D5B-95BB-4443-B7A6-8083245677B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "229795D9-D38B-4EAE-8725-208D245E02FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125457:*:*:*:*:*:*",
              "matchCriteriaId": "BC457292-04FE-4643-8F1D-05DAEF3F70BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125466:*:*:*:*:*:*",
              "matchCriteriaId": "29CBDA2B-5A6A-4DB0-AC37-EAD8E05B55BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125467:*:*:*:*:*:*",
              "matchCriteriaId": "CD266A0D-E726-4BC7-B3B9-6E3176415188",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125468:*:*:*:*:*:*",
              "matchCriteriaId": "046B7B6F-85DE-4BDB-8860-ECA208C4D697",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125469:*:*:*:*:*:*",
              "matchCriteriaId": "C60E51D9-A842-49FF-8793-84C074DBE5EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*",
              "matchCriteriaId": "753B2FC9-342B-4456-85D9-27734BE7C6FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125476:*:*:*:*:*:*",
              "matchCriteriaId": "BE930B14-4B22-4299-8DE8-7625342FC4E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125482:*:*:*:*:*:*",
              "matchCriteriaId": "45B93007-AD6A-4978-9752-41DF72D34A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125483:*:*:*:*:*:*",
              "matchCriteriaId": "863CBACB-F9A3-44AC-B795-C2C0EB5C9E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125485:*:*:*:*:*:*",
              "matchCriteriaId": "AB28B644-BFD0-4588-B544-A139B26DDDE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125486:*:*:*:*:*:*",
              "matchCriteriaId": "944F7C2F-53D4-4933-BD63-DF15C5A5CD65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125487:*:*:*:*:*:*",
              "matchCriteriaId": "F6D0F0D1-7DF5-4C8D-9B31-B347E5A567DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125488:*:*:*:*:*:*",
              "matchCriteriaId": "870A721F-2991-4041-AB1D-DE3D953B8669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125489:*:*:*:*:*:*",
              "matchCriteriaId": "4F7FC0E5-8D0D-45CF-AEFA-180B79BC8B0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125567:*:*:*:*:*:*",
              "matchCriteriaId": "7D394493-D690-44F0-B3F0-FD39E46F31C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125568:*:*:*:*:*:*",
              "matchCriteriaId": "AF8CBF57-EF1A-4C84-879B-1A4035F4236A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125587:*:*:*:*:*:*",
              "matchCriteriaId": "2F1E924E-8896-41CE-82E2-F22943A02FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125588:*:*:*:*:*:*",
              "matchCriteriaId": "FB058840-E3D0-45FA-B95F-3445A7719118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125589:*:*:*:*:*:*",
              "matchCriteriaId": "FD9B23C4-3458-4E6C-B1AB-D4A36BE8FFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125597:*:*:*:*:*:*",
              "matchCriteriaId": "D2A7AA89-7233-4624-894A-B2B996D1D270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125598:*:*:*:*:*:*",
              "matchCriteriaId": "B6B402ED-8B64-4FB0-B9E7-76E499A4115F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125599:*:*:*:*:*:*",
              "matchCriteriaId": "4E8B01F2-0A03-48CF-8BAE-556A9C3D88FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125601:*:*:*:*:*:*",
              "matchCriteriaId": "3C07E022-B75C-4491-8A30-9A1532D0472C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125603:*:*:*:*:*:*",
              "matchCriteriaId": "00E92DB5-8D53-4129-92D0-AD1DA0F1FEB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125604:*:*:*:*:*:*",
              "matchCriteriaId": "913CD99C-8F47-47BD-BD7C-33762861BB08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125605:*:*:*:*:*:*",
              "matchCriteriaId": "67B7F52E-7D7A-4AA9-9241-FFCC3DD49BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125611:*:*:*:*:*:*",
              "matchCriteriaId": "D02650C3-1A7F-4889-B6CB-11994054B5F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125612:*:*:*:*:*:*",
              "matchCriteriaId": "01FEA1CA-351B-4E2B-A78E-60338682F97F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125613:*:*:*:*:*:*",
              "matchCriteriaId": "04C9E097-FE04-42BD-96C8-2A3A9FD50B25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125614:*:*:*:*:*:*",
              "matchCriteriaId": "94F895DB-C865-4AED-A1D9-CE69C0EF52FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125615:*:*:*:*:*:*",
              "matchCriteriaId": "8B565B12-283F-4323-9C88-FD3CF5646DD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125616:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC3394-293E-44CF-A83F-FE047A4E4DE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125617:*:*:*:*:*:*",
              "matchCriteriaId": "01846F8F-D7D6-4CD9-B83E-41B70C691761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125628:*:*:*:*:*:*",
              "matchCriteriaId": "CAE013FC-357D-42DA-B223-D40B3C813089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125629:*:*:*:*:*:*",
              "matchCriteriaId": "E4BA87E9-5E37-41EE-835C-13F68ABC9C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125630:*:*:*:*:*:*",
              "matchCriteriaId": "D2034E17-2DB9-4229-B7D4-D14761CEE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125631:*:*:*:*:*:*",
              "matchCriteriaId": "39FBAFB9-5703-4EEA-BFF3-45B958E0805F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125632:*:*:*:*:*:*",
              "matchCriteriaId": "775D060A-773F-40BE-8FF3-6353EEA6A6BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125634:*:*:*:*:*:*",
              "matchCriteriaId": "D8326A48-9DDB-4502-B97F-ABCB151E2C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125635:*:*:*:*:*:*",
              "matchCriteriaId": "94ACC068-8260-4331-8B1C-E19B66D0738B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125638:*:*:*:*:*:*",
              "matchCriteriaId": "FE3C3B0A-BD28-4291-BD28-61A1EEB7AE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125639:*:*:*:*:*:*",
              "matchCriteriaId": "94A96109-2BDE-4836-B1BF-FC90003DC018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125645:*:*:*:*:*:*",
              "matchCriteriaId": "E1303424-7BCA-4445-BDBC-B4B546E0ED05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125648:*:*:*:*:*:*",
              "matchCriteriaId": "EFFB585B-80EB-4EA3-BEC6-4E34FE952948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125649:*:*:*:*:*:*",
              "matchCriteriaId": "8D7B62B9-AAD9-4021-A806-21E61719E437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125651:*:*:*:*:*:*",
              "matchCriteriaId": "F1BF50D1-031E-4E39-9D15-FFC2CFB636D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125652:*:*:*:*:*:*",
              "matchCriteriaId": "F045D3C8-315C-42AB-B9D0-4B5267E70417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125653:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FD2D6-9BA7-4889-96A2-DC946831469F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125654:*:*:*:*:*:*",
              "matchCriteriaId": "3D86914B-49B5-4002-A4C7-3712C87F7626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125655:*:*:*:*:*:*",
              "matchCriteriaId": "9B2EBC6B-0C4D-40A7-A1B7-4AC7BF98A744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "2C5ED401-A964-44D5-AB2F-C07D35BD96D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "E424B820-3C4E-45C0-B74F-470E1E331127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "31498701-6732-40E4-8F3D-55EE8A77D61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "356504E5-BE0A-4F54-8713-AC9EA29D189C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*",
              "matchCriteriaId": "B621572C-448C-43C4-AF8E-EEBCFADF3630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "AAAF3692-3979-494B-831A-D8BFE127A6C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "8BBD4797-AC5A-4CBE-8878-067116BB8E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "DEB00990-C73C-4B46-B87D-80E3B5B39302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "34A43740-26B4-4D73-BC53-7D14529BA78B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "8912068D-3412-47E5-A790-0CDB29E05F20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "6A811C73-AE4A-4B56-841E-A8F2649463E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "87907DDD-12AF-435A-A005-893FED115AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "362871E6-BF7C-46D4-8EFE-C87E96C71799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "E866F2AE-FB51-4270-A673-B1299C7CD2F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125657:*:*:*:*:*:*",
              "matchCriteriaId": "6DC52F3E-EC5F-404B-ABD7-615B8AB522A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126002:*:*:*:*:*:*",
              "matchCriteriaId": "7B97826F-4765-4D11-972E-EEA0E23CE7CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126104:*:*:*:*:*:*",
              "matchCriteriaId": "D24EB0A7-64AB-4203-BDAC-57867083FF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126119:*:*:*:*:*:*",
              "matchCriteriaId": "156225CC-1B65-4AB2-80CE-806491E0E973",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer y OpUtils versiones anteriores a 125658, 126003, 126105 y 126120, permiten a usuarios autenticados realizar cambios en la base de datos que conllevan a una ejecuci\u00f3n de c\u00f3digo remota en la funci\u00f3n NMAP"
    }
  ],
  "id": "CVE-2022-38772",
  "lastModified": "2024-11-21T07:17:03.677",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-29T21:15:09.227",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://manageengine.com"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://manageengine.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-37024

Vulnerability from fkie_nvd - Published: 2022-08-10 20:16 - Updated: 2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
References
cve@mitre.orghttps://www.manageengine.com/itom/advisory/cve-2022-37024.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2022-37024.htmlVendor Advisory
Impacted products
Vendor Product Version
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "95767F18-02DA-4B39-941E-3111639A8295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "3D6B8568-FCE8-4283-A41A-98DDA07B3631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF42CA-ED4F-4184-B392-B9BA6846A7D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "2AFC22CB-4540-498A-AAA1-0F6D1676F290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "6585CDEA-9649-45A3-8965-E2CEAB1ADFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "5D9F4070-68B1-4444-991A-A2CB0063442A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "EF7CDF11-A00E-47B6-B8E3-512998134656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "A0B3AA58-0D48-4152-BF08-357D4A2098AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "22171713-63E5-42F8-BD7B-835447371595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "D42A5730-622F-4903-991D-B54881349ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "EC69DF45-45F8-4C7B-8457-666270C95895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "A33E48DB-3CC9-43FD-85F8-0F3C389B961E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "389CF8B9-F431-4369-A581-4BFBA1305A9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "DBD1E3BA-4112-4AD5-A616-BCFD2D5C5FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "4FFD8500-5E07-4B3E-88EC-27C403A9B44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "0BED22ED-D040-4439-AEC6-8CCD74F29217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "4D1C56BB-D28D-48B6-BA6B-7B403E248648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "A49349AE-4EA2-4CE4-B8B9-326D44264B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C510DE4D-B2AB-404D-BA49-3CE09FAECB2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer y OpUtils versiones anteriores a 29-07-2022 hasta 30-07-2022 ( 125658, 126003, 126105 y 126120) permiten a usuarios autenticados realizar cambios en la base de datos que conllevan a una ejecuci\u00f3n de c\u00f3digo remota"
    }
  ],
  "id": "CVE-2022-37024",
  "lastModified": "2024-11-21T07:14:18.503",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-10T20:16:05.147",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36923

Vulnerability from fkie_nvd - Published: 2022-08-10 20:16 - Updated: 2025-09-24 19:43
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
References
cve@mitre.orghttps://www.manageengine.com/itom/advisory/cve-2022-36923.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2022-36923.htmlVendor Advisory
Impacted products
Vendor Product Version
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "95767F18-02DA-4B39-941E-3111639A8295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "3D6B8568-FCE8-4283-A41A-98DDA07B3631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF42CA-ED4F-4184-B392-B9BA6846A7D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "2AFC22CB-4540-498A-AAA1-0F6D1676F290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "6585CDEA-9649-45A3-8965-E2CEAB1ADFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "5D9F4070-68B1-4444-991A-A2CB0063442A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "EF7CDF11-A00E-47B6-B8E3-512998134656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "A0B3AA58-0D48-4152-BF08-357D4A2098AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "22171713-63E5-42F8-BD7B-835447371595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "D42A5730-622F-4903-991D-B54881349ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "EC69DF45-45F8-4C7B-8457-666270C95895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "A33E48DB-3CC9-43FD-85F8-0F3C389B961E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "389CF8B9-F431-4369-A581-4BFBA1305A9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "DBD1E3BA-4112-4AD5-A616-BCFD2D5C5FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "4FFD8500-5E07-4B3E-88EC-27C403A9B44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "0BED22ED-D040-4439-AEC6-8CCD74F29217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "4D1C56BB-D28D-48B6-BA6B-7B403E248648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "A49349AE-4EA2-4CE4-B8B9-326D44264B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C510DE4D-B2AB-404D-BA49-3CE09FAECB2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
              "matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
              "matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
              "matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
              "matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
              "matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
              "matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
              "matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
              "matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
              "matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
              "matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
              "matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
              "matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
              "matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
              "matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
              "matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
              "matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
              "matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
              "matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
              "matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer y OpUtils versiones anteriores a 27-07-2022 hasta 28-07-2022 (125657, 126002, 126104 y 126118) permiten a atacantes no autenticados obtener la clave API de un usuario y luego acceder a APIs externas"
    }
  ],
  "id": "CVE-2022-36923",
  "lastModified": "2025-09-24T19:43:46.907",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-08-10T20:16:03.343",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2024-5466 (GCVE-0-2024-5466)

Vulnerability from cvelistv5 – Published: 2024-08-23 13:23 – Updated: 2024-08-23 15:37
VLAI?
Summary
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager, Remote Monitoring and Management Affected: 0 , ≤ 128329 (128329)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_rmm:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_rmm",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_plus",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_msp",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5466",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-23T15:23:03.122113Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-23T15:37:32.493Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.manageengine.com/network-monitoring/",
          "defaultStatus": "unaffected",
          "product": "OpManager, Remote Monitoring and Management",
          "vendor": "ManageEngine",
          "versions": [
            {
              "lessThanOrEqual": "128329",
              "status": "affected",
              "version": "0",
              "versionType": "128329"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Zohocorp ManageEngine OpManager and\u0026nbsp;Remote Monitoring and Management versions\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Zohocorp ManageEngine OpManager and\u00a0Remote Monitoring and Management versions\u00a0128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-23T13:23:22.144Z",
        "orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
        "shortName": "ManageEngine"
      },
      "references": [
        {
          "url": "https://www.manageengine.com/itom/advisory/cve-2024-5466.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Remote Code Execution",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
    "assignerShortName": "ManageEngine",
    "cveId": "CVE-2024-5466",
    "datePublished": "2024-08-23T13:23:22.144Z",
    "dateReserved": "2024-05-29T09:42:19.974Z",
    "dateUpdated": "2024-08-23T15:37:32.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47211 (GCVE-0-2023-47211)

Vulnerability from cvelistv5 – Published: 2024-01-08 14:45 – Updated: 2025-11-04 18:19
VLAI?
Summary
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
Severity ?
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager Affected: 12.7.258
Create a notification for this product.
Credits
Discovered by Marcin 'Icewall' Noga of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:19:03.852Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
          },
          {
            "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47211",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T20:12:00.487172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T14:37:27.707Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpManager",
          "vendor": "ManageEngine",
          "versions": [
            {
              "status": "affected",
              "version": "12.7.258"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Marcin \u0026#39;Icewall\u0026#39; Noga of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-08T18:00:25.765Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
        },
        {
          "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
          "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-47211",
    "datePublished": "2024-01-08T14:45:37.183Z",
    "dateReserved": "2023-11-07T15:35:52.521Z",
    "dateUpdated": "2025-11-04T18:19:03.852Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-43473 (GCVE-0-2022-43473)

Vulnerability from cvelistv5 – Published: 2023-03-30 16:28 – Updated: 2025-02-11 19:14
VLAI?
Summary
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.
Severity ?
5.8 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager Affected: 12.6.168
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.643Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
          },
          {
            "name": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43473",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T19:13:55.362515Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T19:14:03.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpManager",
          "vendor": "ManageEngine",
          "versions": [
            {
              "status": "affected",
              "version": " 12.6.168"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve \r\na malicious XML payload to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-30T16:28:35.983Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
        },
        {
          "name": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html",
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2022-43473",
    "datePublished": "2023-03-30T16:28:35.983Z",
    "dateReserved": "2022-12-05T20:53:36.058Z",
    "dateUpdated": "2025-02-11T19:14:03.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-38772 (GCVE-0-2022-38772)

Vulnerability from cvelistv5 – Published: 2022-08-29 20:21 – Updated: 2024-08-03 11:02
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T11:02:14.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://manageengine.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T20:21:57",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://manageengine.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-38772",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://manageengine.com",
              "refsource": "MISC",
              "url": "https://manageengine.com"
            },
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-38772",
    "datePublished": "2022-08-29T20:21:57",
    "dateReserved": "2022-08-25T00:00:00",
    "dateUpdated": "2024-08-03T11:02:14.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36923 (GCVE-0-2022-36923)

Vulnerability from cvelistv5 – Published: 2022-08-10 14:17 – Updated: 2025-08-27 18:47
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
Severity ?
5.4 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:14:29.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-36923",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-27T18:46:42.662021Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T18:47:32.363Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-10T14:17:09.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36923",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36923",
    "datePublished": "2022-08-10T14:17:09.000Z",
    "dateReserved": "2022-07-27T00:00:00.000Z",
    "dateUpdated": "2025-08-27T18:47:32.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-37024 (GCVE-0-2022-37024)

Vulnerability from cvelistv5 – Published: 2022-08-09 15:15 – Updated: 2024-08-03 10:21
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-09T15:15:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-37024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-37024",
    "datePublished": "2022-08-09T15:15:36",
    "dateReserved": "2022-07-29T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5466 (GCVE-0-2024-5466)

Vulnerability from nvd – Published: 2024-08-23 13:23 – Updated: 2024-08-23 15:37
VLAI?
Summary
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager, Remote Monitoring and Management Affected: 0 , ≤ 128329 (128329)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_rmm:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_rmm",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_plus",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager_msp",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "manageengine_opmanager",
            "vendor": "zohocorp",
            "versions": [
              {
                "lessThanOrEqual": "128329",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5466",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-23T15:23:03.122113Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-23T15:37:32.493Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.manageengine.com/network-monitoring/",
          "defaultStatus": "unaffected",
          "product": "OpManager, Remote Monitoring and Management",
          "vendor": "ManageEngine",
          "versions": [
            {
              "lessThanOrEqual": "128329",
              "status": "affected",
              "version": "0",
              "versionType": "128329"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Zohocorp ManageEngine OpManager and\u0026nbsp;Remote Monitoring and Management versions\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Zohocorp ManageEngine OpManager and\u00a0Remote Monitoring and Management versions\u00a0128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-23T13:23:22.144Z",
        "orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
        "shortName": "ManageEngine"
      },
      "references": [
        {
          "url": "https://www.manageengine.com/itom/advisory/cve-2024-5466.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Remote Code Execution",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
    "assignerShortName": "ManageEngine",
    "cveId": "CVE-2024-5466",
    "datePublished": "2024-08-23T13:23:22.144Z",
    "dateReserved": "2024-05-29T09:42:19.974Z",
    "dateUpdated": "2024-08-23T15:37:32.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47211 (GCVE-0-2023-47211)

Vulnerability from nvd – Published: 2024-01-08 14:45 – Updated: 2025-11-04 18:19
VLAI?
Summary
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
Severity ?
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager Affected: 12.7.258
Create a notification for this product.
Credits
Discovered by Marcin 'Icewall' Noga of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:19:03.852Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
          },
          {
            "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47211",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T20:12:00.487172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T14:37:27.707Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpManager",
          "vendor": "ManageEngine",
          "versions": [
            {
              "status": "affected",
              "version": "12.7.258"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Marcin \u0026#39;Icewall\u0026#39; Noga of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-08T18:00:25.765Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
        },
        {
          "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
          "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-47211",
    "datePublished": "2024-01-08T14:45:37.183Z",
    "dateReserved": "2023-11-07T15:35:52.521Z",
    "dateUpdated": "2025-11-04T18:19:03.852Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-43473 (GCVE-0-2022-43473)

Vulnerability from nvd – Published: 2023-03-30 16:28 – Updated: 2025-02-11 19:14
VLAI?
Summary
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.
Severity ?
5.8 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Assigner
References
Impacted products
Vendor Product Version
ManageEngine OpManager Affected: 12.6.168
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.643Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
          },
          {
            "name": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43473",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T19:13:55.362515Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T19:14:03.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpManager",
          "vendor": "ManageEngine",
          "versions": [
            {
              "status": "affected",
              "version": " 12.6.168"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve \r\na malicious XML payload to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-30T16:28:35.983Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1685"
        },
        {
          "name": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html",
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-43473.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2022-43473",
    "datePublished": "2023-03-30T16:28:35.983Z",
    "dateReserved": "2022-12-05T20:53:36.058Z",
    "dateUpdated": "2025-02-11T19:14:03.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-38772 (GCVE-0-2022-38772)

Vulnerability from nvd – Published: 2022-08-29 20:21 – Updated: 2024-08-03 11:02
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T11:02:14.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://manageengine.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T20:21:57",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://manageengine.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-38772",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://manageengine.com",
              "refsource": "MISC",
              "url": "https://manageengine.com"
            },
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-38772",
    "datePublished": "2022-08-29T20:21:57",
    "dateReserved": "2022-08-25T00:00:00",
    "dateUpdated": "2024-08-03T11:02:14.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36923 (GCVE-0-2022-36923)

Vulnerability from nvd – Published: 2022-08-10 14:17 – Updated: 2025-08-27 18:47
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
Severity ?
5.4 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:14:29.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-36923",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-27T18:46:42.662021Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T18:47:32.363Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-10T14:17:09.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36923",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36923",
    "datePublished": "2022-08-10T14:17:09.000Z",
    "dateReserved": "2022-07-27T00:00:00.000Z",
    "dateUpdated": "2025-08-27T18:47:32.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-37024 (GCVE-0-2022-37024)

Vulnerability from nvd – Published: 2022-08-09 15:15 – Updated: 2024-08-03 10:21
VLAI?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-09T15:15:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-37024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-37024",
    "datePublished": "2022-08-09T15:15:36",
    "dateReserved": "2022-07-29T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}