S4E

CVE-2022-47966 Scanner

Detects 'Remote Code Execution (RCE)' vulnerability in Multiple Zoho ManageEngine on-premise products affects v. Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18.

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 3 days

Scan only one

Domain, IPv4

Toolbox

-

Zoho ManageEngine on-premise products are widely used in various industries for streamlining business operations and providing efficient service to clients. These products include ServiceDesk Plus, Active Directory 360, ADAudit Plus, ADManager Plus, ADSelfService Plus, Analytics Plus, Application Control Plus, Asset Explorer, Browser Security Plus, Device Control Plus, Endpoint Central, Endpoint Central MSP, Endpoint DLP, Key Manager Plus, OS Deployer, PAM 360, Password Manager Pro, Patch Manager Plus, Remote Access Plus, Remote Monitoring and Management (RMM), SupportCenter Plus, ServiceDesk Plus MSP, and Vulnerability Manager Plus. These products are designed to cater to the needs of modern businesses, ensuring smooth operation and high productivity.

CVE-2022-47966 is a critical vulnerability detected in multiple Zoho ManageEngine on-premise products, including ServiceDesk Plus, Active Directory 360, ADAudit Plus, and more. This vulnerability is a result of the use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, where the application is responsible for certain security protections due to the XSLT features in that version. However, the ManageEngine applications did not provide these protections, which leads to potential remote code execution.

The exploitation of this vulnerability can lead to serious consequences for businesses. Attackers can gain access to sensitive data, interrupt business operations, or even bring down the entire system. As many of these products are essential for day-to-day business operations, any disruption in their functionality can result in reduced productivity, loss of revenue, and damage to the reputation of the business.

In conclusion, the security of digital assets is a critical concern for businesses operating in the modern world. With the pro features of the s4e.io platform, information about vulnerabilities in digital assets can be easily and quickly obtained. By taking necessary precautions and staying informed about potential vulnerabilities, businesses can ensure the safety and integrity of their digital assets.

 

REFERENCES

Get started to protecting your Free Full Security Scan