CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7003:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7004:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7005:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7006:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7007:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7008:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7050:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7051:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7052:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7053:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7054:*:*:*:*:*:*

History

26 Oct 2022, 02:30

Type Values Removed Values Added
References (MISC) http://cewolf.sourceforge.net/new/index.html - (MISC) http://cewolf.sourceforge.net/new/index.html - Product, Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/167997/ManageEngine-ADAudit-Plus-Path-Traversal-XML-Injection.html - (MISC) http://packetstormsecurity.com/files/167997/ManageEngine-ADAudit-Plus-Path-Traversal-XML-Injection.html - Exploit, Third Party Advisory, VDB Entry
References (MISC) https://www.horizon3.ai/red-team-blog-cve-2022-28219/ - (MISC) https://www.horizon3.ai/red-team-blog-cve-2022-28219/ - Exploit, Third Party Advisory

08 Aug 2022, 19:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/167997/ManageEngine-ADAudit-Plus-Path-Traversal-XML-Injection.html -

02 Jul 2022, 00:15

Type Values Removed Values Added
Summary Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution. Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
References
  • (MISC) https://www.horizon3.ai/red-team-blog-cve-2022-28219/ -
  • (MISC) http://cewolf.sourceforge.net/new/index.html -

12 Apr 2022, 17:04

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
First Time Zohocorp
Zohocorp manageengine Adaudit Plus
References (MISC) https://manageengine.com - (MISC) https://manageengine.com - Vendor Advisory
References (CONFIRM) https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html - (CONFIRM) https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html - Patch, Vendor Advisory
CWE CWE-611
CPE cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7052:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7050:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7054:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7003:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7005:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7006:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7007:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7053:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7004:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7051:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7008:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:*

05 Apr 2022, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-04-05 19:15

Updated : 2023-12-10 14:22


NVD link : CVE-2022-28219

Mitre link : CVE-2022-28219

CVE.ORG link : CVE-2022-28219


JSON object : View

Products Affected

zohocorp

  • manageengine_adaudit_plus
CWE
CWE-611

Improper Restriction of XML External Entity Reference