fkie_cve-2022-36923
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
References
cve@mitre.orghttps://www.manageengine.com/itom/advisory/cve-2022-36923.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/itom/advisory/cve-2022-36923.htmlVendor Advisory
Impacted products
Vendor Product Version
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.5
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_firewall_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.5
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_netflow_analyzer 12.6
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.5
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_network_configuration_manager 12.6
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.5
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager 12.6
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.5
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_msp 12.6
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.5
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_opmanager_plus 12.6
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.5
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6
zohocorp manageengine_oputils 12.6


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "95767F18-02DA-4B39-941E-3111639A8295",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*",
                     matchCriteriaId: "3D6B8568-FCE8-4283-A41A-98DDA07B3631",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*",
                     matchCriteriaId: "D6CF42CA-ED4F-4184-B392-B9BA6846A7D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*",
                     matchCriteriaId: "2AFC22CB-4540-498A-AAA1-0F6D1676F290",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*",
                     matchCriteriaId: "6585CDEA-9649-45A3-8965-E2CEAB1ADFCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*",
                     matchCriteriaId: "5D9F4070-68B1-4444-991A-A2CB0063442A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "EF7CDF11-A00E-47B6-B8E3-512998134656",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "A0B3AA58-0D48-4152-BF08-357D4A2098AB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "22171713-63E5-42F8-BD7B-835447371595",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "D42A5730-622F-4903-991D-B54881349ABC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*",
                     matchCriteriaId: "EC69DF45-45F8-4C7B-8457-666270C95895",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*",
                     matchCriteriaId: "A33E48DB-3CC9-43FD-85F8-0F3C389B961E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "389CF8B9-F431-4369-A581-4BFBA1305A9B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "DBD1E3BA-4112-4AD5-A616-BCFD2D5C5FDB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*",
                     matchCriteriaId: "4FFD8500-5E07-4B3E-88EC-27C403A9B44E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*",
                     matchCriteriaId: "0BED22ED-D040-4439-AEC6-8CCD74F29217",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*",
                     matchCriteriaId: "4D1C56BB-D28D-48B6-BA6B-7B403E248648",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "A49349AE-4EA2-4CE4-B8B9-326D44264B33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
                     matchCriteriaId: "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
                     matchCriteriaId: "5855C471-07AB-4A96-9631-26C6C8B01F67",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
                     matchCriteriaId: "5075910F-3676-439A-879A-5CBE2C734347",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
                     matchCriteriaId: "20808F91-7F08-4BA9-9075-C54337EC68E5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
                     matchCriteriaId: "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "574117B3-2785-4971-ABBE-55C08010E16B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "B6CF111E-B976-46D1-A246-B7D1750FFC45",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
                     matchCriteriaId: "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
                     matchCriteriaId: "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "C510DE4D-B2AB-404D-BA49-3CE09FAECB2B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
                     matchCriteriaId: "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
                     matchCriteriaId: "852A63FF-F97B-4BB9-869F-383E9FABE929",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
                     matchCriteriaId: "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "3AF232D9-6735-4296-91C8-A451A1801287",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "855EA944-CB73-4193-94E0-9D706FF554C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
                     matchCriteriaId: "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
                     matchCriteriaId: "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
                     matchCriteriaId: "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
                     matchCriteriaId: "7EE387F3-24C8-4933-A25E-D9C4026469D8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
                     matchCriteriaId: "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "FC0970ED-62DC-442B-AA29-618ADBD66E13",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
                     matchCriteriaId: "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
                     matchCriteriaId: "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "2DB6B15E-6513-4590-A5C1-A949341411F4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
                     matchCriteriaId: "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
                     matchCriteriaId: "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
                     matchCriteriaId: "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
                     matchCriteriaId: "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
                     matchCriteriaId: "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
                     matchCriteriaId: "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
                     matchCriteriaId: "B652092E-570C-4D4E-A133-627426C50F6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
                     matchCriteriaId: "DC13FB20-119C-47F9-870D-399811661896",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "14269E88-7186-4F2C-B770-964D0AD7D414",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "C46D091F-095F-4F1D-8D16-1021E15BC963",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
                     matchCriteriaId: "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
                     matchCriteriaId: "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "CBFA159F-0293-4E44-BB20-173021991107",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
                     matchCriteriaId: "1979F66B-749E-41F8-9CBD-E4AD4483B500",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
                     matchCriteriaId: "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
                     matchCriteriaId: "50D85F0C-201C-44D3-92C7-261095B4B03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "342D59C3-B7A8-44AF-8298-743F5487CD91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
                     matchCriteriaId: "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
                     matchCriteriaId: "DC747248-7154-440A-BCD7-2E0F8ACFC042",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "F4791DD2-AD34-4239-85CB-D87080D97AA9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "EA101FBC-D697-4A7E-B539-79097228B735",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
                     matchCriteriaId: "2BF85206-863D-493C-88F4-15B0BA5276A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
                     matchCriteriaId: "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
                     matchCriteriaId: "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
                     matchCriteriaId: "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
                     matchCriteriaId: "60EB56E2-7367-4488-A00D-41464E86B06D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
                     matchCriteriaId: "3E315636-0897-4421-882D-E8196F7ACAD1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
                     matchCriteriaId: "E3552F71-C708-41A4-9168-5673C086F507",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
                     matchCriteriaId: "9505C545-2540-4554-B774-6ECCD64D6115",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
                     matchCriteriaId: "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
                     matchCriteriaId: "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
                     matchCriteriaId: "8600CCB2-4642-4760-AE10-854446251673",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
                     matchCriteriaId: "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
                     matchCriteriaId: "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
                     matchCriteriaId: "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
                     matchCriteriaId: "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
                     matchCriteriaId: "298A1371-E23E-4954-8C16-B0F70A575A77",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
                     matchCriteriaId: "BA174B71-5D43-4783-8744-1A4020A157C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
                     matchCriteriaId: "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.",
      },
      {
         lang: "es",
         value: "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer y OpUtils versiones anteriores a 27-07-2022 hasta 28-07-2022 (125657, 126002, 126104 y 126118) permiten a atacantes no autenticados obtener la clave API de un usuario y luego acceder a APIs externas",
      },
   ],
   id: "CVE-2022-36923",
   lastModified: "2024-11-21T07:14:05.603",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-10T20:16:03.343",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.manageengine.com/itom/advisory/cve-2022-36923.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.manageengine.com/itom/advisory/cve-2022-36923.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.