CVE-2023-35854

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have "found no evidence or detail of a security vulnerability."

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/970198175/Simply-use	Third Party Advisory
https://www.manageengine.com	Product
https://github.com/970198175/Simply-use	Third Party Advisory
https://www.manageengine.com	Product

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus::::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6104::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6105::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6106::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6107::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6108::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6109::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6110::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6111::::::
	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6112::::::

History

No history.

Information

Published : 2023-06-20 12:15

Updated : 2024-11-21 08:08

NVD link : CVE-2023-35854

Mitre link : CVE-2023-35854

CVE.ORG link : CVE-2023-35854

JSON object : View

Products Affected

zohocorp

manageengine_adselfservice_plus

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2023-35854", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-06-20T12:15:09.690", "references": [{"url": "https://github.com/970198175/Simply-use", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.manageengine.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/970198175/Simply-use", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.manageengine.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have \"found no evidence or detail of a security vulnerability.\""}], "lastModified": "2024-11-21T08:08:49.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A79AAA12-67D4-4343-9E0B-249C07144DD8", "versionEndExcluding": "6.1"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2320EEE-367C-4CE1-8AC4-048B97DE71F3"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1E5484A-D834-4C7A-962C-C78CF0CDAA8B"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FA21683-29F7-44EB-84C6-D29C6C64DE97"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BE0B72F-2963-4666-9A82-7812BFB52DB0"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85DD7E26-B9C5-4DCC-8F50-F5884AF61105"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6104:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC37608E-E61B-4333-8358-50C8377A1ABF"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6105:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C13EF458-FE95-49E5-9A13-04C96C3F114A"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6106:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12919644-3D85-488C-89A3-58A1FB31279D"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6107:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75206A94-9155-48D7-A378-5020877B8B97"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6108:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E50CF265-DE6F-4281-8300-06D54185AA43"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6109:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB577C00-1412-4F87-B91A-5E956EB2213F"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6110:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C7681FA-FC15-49CE-9288-3C4E361F4D21"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6111:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F12A94-93C5-4442-8FB3-4E02E4DECCEB"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6112:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17270CDC-C800-4B5A-BEAA-83AF455BBBEA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}