CVE-2023-35785
28.08.2023, 20:15
Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14204 and below and 143xx 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below, and Support Center Plus 14300 and below are vulnerable to 2FA bypass via a few TOTP authenticators. Note: A valid pair of username and password is required to leverage this vulnerability.Enginsight
| Vendor | Product | Version |
|---|---|---|
| zohocorp | manageengine_ad360 | 𝑥 < 4.3 |
| zohocorp | manageengine_ad360 | 4.3:4300 |
| zohocorp | manageengine_ad360 | 4.3:4302 |
| zohocorp | manageengine_ad360 | 4.3:4303 |
| zohocorp | manageengine_ad360 | 4.3:4304 |
| zohocorp | manageengine_ad360 | 4.3:4305 |
| zohocorp | manageengine_ad360 | 4.3:4306 |
| zohocorp | manageengine_ad360 | 4.3:4308 |
| zohocorp | manageengine_ad360 | 4.3:4309 |
| zohocorp | manageengine_ad360 | 4.3:4310 |
| zohocorp | manageengine_ad360 | 4.3:4312 |
| zohocorp | manageengine_ad360 | 4.3:4313 |
| zohocorp | manageengine_ad360 | 4.3:4314 |
| zohocorp | manageengine_ad360 | 4.3:4315 |
| zohocorp | manageengine_adaudit_plus | 𝑥 < 7.2 |
| zohocorp | manageengine_adaudit_plus | 7.2:7200 |
| zohocorp | manageengine_adaudit_plus | 7.2:7201 |
| zohocorp | manageengine_adaudit_plus | 7.2:7202 |
| zohocorp | manageengine_admanager_plus | 𝑥 < 7.2 |
| zohocorp | manageengine_admanager_plus | 7.2:7201 |
| zohocorp | manageengine_assetexplorer | 𝑥 < 6.9 |
| zohocorp | manageengine_assetexplorer | 6.9 |
| zohocorp | manageengine_assetexplorer | 6.9:6900 |
| zohocorp | manageengine_assetexplorer | 6.9:6901 |
| zohocorp | manageengine_assetexplorer | 6.9:6902 |
| zohocorp | manageengine_assetexplorer | 6.9:6903 |
| zohocorp | manageengine_assetexplorer | 6.9:6904 |
| zohocorp | manageengine_assetexplorer | 6.9:6905 |
| zohocorp | manageengine_assetexplorer | 6.9:6906 |
| zohocorp | manageengine_assetexplorer | 6.9:6907 |
| zohocorp | manageengine_assetexplorer | 6.9:6908 |
| zohocorp | manageengine_assetexplorer | 6.9:6909 |
| zohocorp | manageengine_assetexplorer | 6.9:6950 |
| zohocorp | manageengine_assetexplorer | 6.9:6951 |
| zohocorp | manageengine_assetexplorer | 6.9:6952 |
| zohocorp | manageengine_assetexplorer | 6.9:6953 |
| zohocorp | manageengine_assetexplorer | 6.9:6954 |
| zohocorp | manageengine_assetexplorer | 6.9:6955 |
| zohocorp | manageengine_assetexplorer | 6.9:6956 |
| zohocorp | manageengine_assetexplorer | 6.9:6957 |
| zohocorp | manageengine_assetexplorer | 6.9:6970 |
| zohocorp | manageengine_assetexplorer | 6.9:6971 |
| zohocorp | manageengine_assetexplorer | 6.9:6972 |
| zohocorp | manageengine_assetexplorer | 6.9:6973 |
| zohocorp | manageengine_assetexplorer | 6.9:6974 |
| zohocorp | manageengine_assetexplorer | 6.9:6975 |
| zohocorp | manageengine_assetexplorer | 6.9:6976 |
| zohocorp | manageengine_assetexplorer | 6.9:6977 |
| zohocorp | manageengine_assetexplorer | 6.9:6978 |
| zohocorp | manageengine_assetexplorer | 6.9:6979 |
| zohocorp | manageengine_assetexplorer | 6.9:6980 |
| zohocorp | manageengine_assetexplorer | 6.9:6981 |
| zohocorp | manageengine_assetexplorer | 6.9:6982 |
| zohocorp | manageengine_assetexplorer | 6.9:6983 |
| zohocorp | manageengine_assetexplorer | 6.9:6984 |
| zohocorp | manageengine_assetexplorer | 6.9:6985 |
| zohocorp | manageengine_assetexplorer | 6.9:6986 |
| zohocorp | manageengine_assetexplorer | 6.9:6987 |
| zohocorp | manageengine_assetexplorer | 6.9:6988 |
| zohocorp | manageengine_assetexplorer | 6.9:6989 |
| zohocorp | manageengine_assetexplorer | 6.9:6990 |
| zohocorp | manageengine_assetexplorer | 6.9:6991 |
| zohocorp | manageengine_assetexplorer | 6.9:6992 |
| zohocorp | manageengine_assetexplorer | 6.9:6993 |
| zohocorp | manageengine_assetexplorer | 7.0:7000 |
| zohocorp | manageengine_assetexplorer | 7.0:7001 |
| zohocorp | manageengine_cloud_security_plus | 𝑥 < 4.1 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4100 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4101 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4102 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4103 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4104 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4105 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4106 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4107 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4108 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4109 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4110 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4111 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4112 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4113 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4115 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4116 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4117 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4118 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4119 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4120 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4121 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4122 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4130 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4131 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4140 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4141 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4150 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4160 |
| zohocorp | manageengine_cloud_security_plus | 4.1:4161 |
| zohocorp | manageengine_datasecurity_plus | 𝑥 < 6.1 |
| zohocorp | manageengine_datasecurity_plus | 6.1:6100 |
| zohocorp | manageengine_datasecurity_plus | 6.1:6101 |
| zohocorp | manageengine_datasecurity_plus | 6.1:6110 |
| zohocorp | manageengine_eventlog_analyzer | 𝑥 < 12.3.0 |
| zohocorp | manageengine_eventlog_analyzer | 12.3.0:12300 |
| zohocorp | manageengine_eventlog_analyzer | 12.3.0:12301 |
| zohocorp | manageengine_exchange_reporter_plus | 𝑥 < 5.7 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5700 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5701 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5702 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5703 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5704 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5705 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5706 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5707 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5708 |
| zohocorp | manageengine_exchange_reporter_plus | 5.7:5709 |
| zohocorp | manageengine_log360 | 𝑥 < 5.3 |
| zohocorp | manageengine_log360 | 5.3:build5300 |
| zohocorp | manageengine_log360 | 5.3:build5301 |
| zohocorp | manageengine_log360 | 5.3:build5302 |
| zohocorp | manageengine_log360 | 5.3:build5305 |
| zohocorp | manageengine_log360 | 5.3:build5310 |
| zohocorp | manageengine_log360 | 5.3:build5311 |
| zohocorp | manageengine_log360 | 5.3:build5315 |
| zohocorp | manageengine_log360_ueba | 4.0:build4010 |
| zohocorp | manageengine_log360_ueba | 4.0:build4011 |
| zohocorp | manageengine_log360_ueba | 4.0:build4015 |
| zohocorp | manageengine_log360_ueba | 4.0:build4016 |
| zohocorp | manageengine_log360_ueba | 4.0:build4020 |
| zohocorp | manageengine_log360_ueba | 4.0:build4021 |
| zohocorp | manageengine_log360_ueba | 4.0:build4023 |
| zohocorp | manageengine_log360_ueba | 4.0:build4024 |
| zohocorp | manageengine_log360_ueba | 4.0:build4025 |
| zohocorp | manageengine_log360_ueba | 4.0:build4026 |
| zohocorp | manageengine_log360_ueba | 4.0:build4027 |
| zohocorp | manageengine_log360_ueba | 4.0:build4028 |
| zohocorp | manageengine_log360_ueba | 4.0:build4030 |
| zohocorp | manageengine_log360_ueba | 4.0:build4031 |
| zohocorp | manageengine_log360_ueba | 4.0:build4034 |
| zohocorp | manageengine_log360_ueba | 4.0:build4035 |
| zohocorp | manageengine_log360_ueba | 4.0:build4036 |
| zohocorp | manageengine_log360_ueba | 4.0:build4040 |
| zohocorp | manageengine_log360_ueba | 4.0:build4043 |
| zohocorp | manageengine_log360_ueba | 4.0:build4045 |
| zohocorp | manageengine_m365_manager_plus | 𝑥 < 4.5 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4500 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4502 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4503 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4504 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4505 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4507 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4508 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4509 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4510 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4511 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4512 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4513 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4514 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4516 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4517 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4518 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4519 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4520 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4523 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4525 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4527 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4528 |
| zohocorp | manageengine_m365_manager_plus | 4.5:build4529 |
| zohocorp | manageengine_m365_security_plus | 𝑥 < 4.5 |
| zohocorp | manageengine_m365_security_plus | 4.5:4500 |
| zohocorp | manageengine_m365_security_plus | 4.5:4502 |
| zohocorp | manageengine_m365_security_plus | 4.5:4503 |
| zohocorp | manageengine_m365_security_plus | 4.5:4504 |
| zohocorp | manageengine_m365_security_plus | 4.5:4505 |
| zohocorp | manageengine_m365_security_plus | 4.5:4507 |
| zohocorp | manageengine_m365_security_plus | 4.5:4508 |
| zohocorp | manageengine_m365_security_plus | 4.5:4509 |
| zohocorp | manageengine_m365_security_plus | 4.5:4510 |
| zohocorp | manageengine_m365_security_plus | 4.5:4511 |
| zohocorp | manageengine_m365_security_plus | 4.5:4512 |
| zohocorp | manageengine_m365_security_plus | 4.5:4513 |
| zohocorp | manageengine_m365_security_plus | 4.5:4514 |
| zohocorp | manageengine_m365_security_plus | 4.5:4516 |
| zohocorp | manageengine_m365_security_plus | 4.5:4517 |
| zohocorp | manageengine_m365_security_plus | 4.5:4518 |
| zohocorp | manageengine_m365_security_plus | 4.5:4519 |
| zohocorp | manageengine_m365_security_plus | 4.5:4520 |
| zohocorp | manageengine_m365_security_plus | 4.5:4523 |
| zohocorp | manageengine_m365_security_plus | 4.5:4525 |
| zohocorp | manageengine_m365_security_plus | 4.5:4527 |
| zohocorp | manageengine_m365_security_plus | 4.5:4528 |
| zohocorp | manageengine_m365_security_plus | 4.5:4529 |
| zohocorp | manageengine_recoverymanager_plus | 𝑥 < 6.0 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6001 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6003 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6005 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6011 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6016 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6017 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6020 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6025 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6026 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6030 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6031 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6032 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6041 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6042 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6043 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6044 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6047 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6049 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6050 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6051 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6053 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6054 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6056 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6057 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6058 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6060 |
| zohocorp | manageengine_recoverymanager_plus | 6.0:build6061 |
| zohocorp | manageengine_servicedesk_plus | 𝑥 < 14.2 |
| zohocorp | manageengine_servicedesk_plus | 14.2:14200 |
| zohocorp | manageengine_servicedesk_plus | 14.2:14201 |
| zohocorp | manageengine_servicedesk_plus | 14.2:14202 |
| zohocorp | manageengine_servicedesk_plus | 14.2:14203 |
| zohocorp | manageengine_servicedesk_plus | 14.2:14204 |
| zohocorp | manageengine_servicedesk_plus | 14.3:14300 |
| zohocorp | manageengine_servicedesk_plus | 14.3:14301 |
| zohocorp | manageengine_servicedesk_plus | 14.3:14302 |
| zohocorp | manageengine_servicedesk_plus_msp | 𝑥 < 14.3 |
| zohocorp | manageengine_servicedesk_plus_msp | 14.3:14300 |
| zohocorp | manageengine_sharepoint_manager_plus | 𝑥 < 4.4 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.4:4400 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.4:4401 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.4:4402 |
| zohocorp | manageengine_supportcenter_plus | 𝑥 < 14.3 |
| zohocorp | manageengine_supportcenter_plus | 14.3:14300 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration