CVE-2022-47966

Description from NVD

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.

Information Acquisition Date:2023-01-30T14:55Z
CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD References

 https://manageengine.com
     source:MISC
     tags:Vendor Advisory    
 https://github.com/apache/santuario-xml-security-java/tags?after=1.4.6
     source:MISC
     tags:Release Notes    Third Party Advisory    
 https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html
     source:MISC
     tags:Patch    Vendor Advisory    

This vulnerability may involve a PoC.

Description from Forti

Proof-of-Concept Released for Zoho ManageEngine RCE vulnerability (CVE-2022-47966)

Information Acquisition Date:2023/01/26

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Apache(31 tweets) Exchange(1 tweets) Java(24 tweets) VMware(1 tweets) Windows(4 tweets) iOS(5 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...254
https://cvetrends.com52
https://www.rapid7.com/blog/post/2023/01/19/etr-cve-2022-47...17
https://thehackernews.com/2023/01/zoho-manageengine-poc-exp...14
https://www.manageengine.com/security/advisory/CVE/cve-2022...14
https://www.horizon3.ai/manageengine-cve-2022-47966-iocs13
https://securityaffairs.com/140920/hacking/zoho-manageengin...12
https://xcloud.spectrum.colortokens.com/cve/CVE-2022-4796611
https://github.com/horizon3ai/CVE-2022-4796610
https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rap...8
https://www.cisa.gov/known-exploited-vulnerabilities-catalog7
https://www.helpnetsecurity.com/2023/01/17/cve-2022-47966-poc7
http://Horizon3.ai6
https://securityonline.info/researchers-release-poc-exploit...6
https://opsmtrs.com/2ZFbaTl5
https://blog.viettelcybersecurity.com/saml-show-stopper5
https://tweetedtimes.com/Pentest101MX?s=tnp4
https://viz.greynoise.io/tag/zoho-manageengine-rce-cve-2022...4
https://www.securityweek.com/wild-exploitation-recent-manag...4
https://securityboulevard.com/2023/01/manageengine-cve-2022...4
http://T.ME/APTIRAN3
https://twitter.com/Horizon3Attack/status/16133808366607482883
https://lists.astaro.com/ASGV9-IPS-rules.html#03
https://terjanq.medium.com/waf-bypasses-via-0days-d4ef1f212ec3
https://www.bleepingcomputer.com/news/security/critical-man...3

▼ Show Information from Twitter(489)


List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com254
cvetrends.com52
www.rapid7.com17
thehackernews.com14
www.manageengine.com14
www.horizon3.ai13
securityaffairs.com12
xcloud.spectrum.colortokens.com11
github.com10
attackerkb.com8
www.cisa.gov7
www.helpnetsecurity.com7
Horizon3.ai6
securityonline.info6
opsmtrs.com5
blog.viettelcybersecurity.com5
tweetedtimes.com4
viz.greynoise.io4
www.securityweek.com4
securityboulevard.com4
T.ME3
twitter.com3
lists.astaro.com3
terjanq.medium.com3
www.bleepingcomputer.com3

▼ Show Information from Twitter(489)


GitHub Search Results: Up to 10
NameURL
horizon3ai/CVE-2022-47966 https://github.com/horizon3ai/CVE-2022-47966
vonahisec/CVE-2022-47966-Scan https://github.com/vonahisec/CVE-2022-47966-Scan
Inplex-sys/CVE-2022-47966 https://github.com/Inplex-sys/CVE-2022-47966
shameem-testing/PoC-for-ME-SAML-Vulnerability https://github.com/shameem-testing/PoC-for-ME-SAML-Vulnerability
ACE-Responder/CVE-2022-47966_checker https://github.com/ACE-Responder/CVE-2022-47966_checker
p33d/CVE-2022-47966 https://github.com/p33d/CVE-2022-47966
Live-Hack-CVE/CVE-2022-47966 https://github.com/Live-Hack-CVE/CVE-2022-47966

GitHub Search Results: Up to 10
NameURL
horizon3ai/CVE-2022-47966 github.com
vonahisec/CVE-2022-47966-Scan github.com
Inplex-sys/CVE-2022-47966 github.com
shameem-testing/PoC-for-ME-SAML-Vulnerability github.com
ACE-Responder/CVE-2022-47966_checker github.com
p33d/CVE-2022-47966 github.com
Live-Hack-CVE/CVE-2022-47966 github.com

2023/02/07 Score : 5
Added Har-sia Database : 2023/01/11
Last Modified : 2023/02/07
Highest Scored Date : 2023/01/20
Highest Score : 124