{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47211", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2023-11-07T15:35:52.521Z", "datePublished": "2024-01-08T14:45:37.183Z", "dateUpdated": "2025-06-03T14:37:27.707Z"}, "containers": {"cna": {"affected": [{"vendor": "ManageEngine", "product": "OpManager", "versions": [{"version": "12.7.258", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE", "cweId": "CWE-22"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-01-08T18:00:25.765Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"}, {"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"}], "credits": [{"lang": "en", "value": "Discovered by Marcin 'Icewall' Noga of Cisco Talos."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:01:22.684Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "tags": ["x_transferred"]}, {"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T20:12:00.487172Z", "id": "CVE-2023-47211", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T14:37:27.707Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "tags": ["x_transferred"]}, {"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:01:22.684Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47211", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-08T20:12:00.487172Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T18:41:12.639Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by Marcin 'Icewall' Noga of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "ManageEngine", "product": "OpManager", "versions": [{"status": "affected", "version": "12.7.258"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"}, {"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html", "name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"}], "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-01-08T18:00:25.765Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47211", "state": "PUBLISHED", "dateUpdated": "2025-06-03T14:37:27.707Z", "dateReserved": "2023-11-07T15:35:52.521Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2024-01-08T14:45:37.183Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "50FB7952-0CED-4A64-A435-D588CA661630", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127000:*:*:*:*:*:*", "matchCriteriaId": "8343B084-2009-44F2-B36C-C66719BBB1FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127101:*:*:*:*:*:*", "matchCriteriaId": "2574DD71-36A4-47AE-ABC3-D05D36FF8F02", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127130:*:*:*:*:*:*", "matchCriteriaId": "B9D787C9-F37B-4193-A34F-080F7410BFA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127131:*:*:*:*:*:*", "matchCriteriaId": "55FB4705-D709-42F0-A562-6C5A05E00EAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127187:*:*:*:*:*:*", "matchCriteriaId": "4503E624-DC7F-4C5E-B715-0EC4676CA1ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127244:*:*:*:*:*:*", "matchCriteriaId": "BAD9E275-CCBA-4A25-A91D-2CC9D1547B74", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127257:*:*:*:*:*:*", "matchCriteriaId": "F50149D0-8105-49EE-9F0D-CFD67B0F64C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "E0DECCD8-2E8C-4288-8CB5-10C117D83112", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "9222E54C-0A7C-4828-9917-7CFD7EE8BC59", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127000:*:*:*:*:*:*", "matchCriteriaId": "85778DB3-87D9-4C6A-9149-C58C45913268", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127003:*:*:*:*:*:*", "matchCriteriaId": "3973EC75-A70A-475A-82BB-409992F09392", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127101:*:*:*:*:*:*", "matchCriteriaId": "14537D55-3ABE-423C-B320-6811292620AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127130:*:*:*:*:*:*", "matchCriteriaId": "FCB0BDE0-5BD3-4315-A74B-D7065ABC91BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127131:*:*:*:*:*:*", "matchCriteriaId": "3E850CF4-9078-4E43-A87C-8323536E8CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127187:*:*:*:*:*:*", "matchCriteriaId": "EC407852-45B1-47F4-A886-AF8B473A86D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127244:*:*:*:*:*:*", "matchCriteriaId": "F528288A-7CC9-436C-9899-E4F343F83BCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127255:*:*:*:*:*:*", "matchCriteriaId": "2C6E7D8F-8EF4-4FEF-BE87-82CFDD22DE2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127257:*:*:*:*:*:*", "matchCriteriaId": "0BC6EA7D-E39F-4FE6-960D-BA6B85F81A9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "BE0BFAB9-E3F3-493E-B2D3-FA9BE69C0A1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6628EB7-96F6-48E3-8018-8F569972B811", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127000:*:*:*:*:*:*", "matchCriteriaId": "B64ADEEB-502D-4588-BD80-156124437AEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127102:*:*:*:*:*:*", "matchCriteriaId": "2306C5F3-5413-4240-BAB6-E55849063A72", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127105:*:*:*:*:*:*", "matchCriteriaId": "87F97A9E-2AB3-4121-B5A7-0AA25780D336", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127132:*:*:*:*:*:*", "matchCriteriaId": "AD049643-9546-4D39-BD26-79661205C110", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127243:*:*:*:*:*:*", "matchCriteriaId": "EC810ED9-125E-41CA-B0BD-16BBF1726C3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127257:*:*:*:*:*:*", "matchCriteriaId": "97B71808-B280-4BDC-819F-B80156A77CA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "F5458B6F-1D90-4563-A783-93480FB628DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "93A02A7E-02A8-4B74-AA9F-3DA0492748EF", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127000:*:*:*:*:*:*", "matchCriteriaId": "24B04D73-0C55-49A8-B599-27C8C04948C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127001:*:*:*:*:*:*", "matchCriteriaId": "97E74846-1666-4773-910D-77E0E19A7FCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127002:*:*:*:*:*:*", "matchCriteriaId": "BB90B809-9D97-469F-B8F6-41B4AEAA2D3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127003:*:*:*:*:*:*", "matchCriteriaId": "423C8618-9F3B-4B83-902C-FF01027EC54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127004:*:*:*:*:*:*", "matchCriteriaId": "7E974B56-7A00-4582-AF8B-0D09B94477BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127100:*:*:*:*:*:*", "matchCriteriaId": "7B6F8404-F624-41AA-BE8D-170D843EC290", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127101:*:*:*:*:*:*", "matchCriteriaId": "D0FF81E5-2134-4F45-9B39-2E3D5208BB80", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127102:*:*:*:*:*:*", "matchCriteriaId": "0D5DA95F-7C0F-4D05-BD35-DED356D01692", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127103:*:*:*:*:*:*", "matchCriteriaId": "2B3A3EC3-DF7C-41A6-884C-C7C13D41B61E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127104:*:*:*:*:*:*", "matchCriteriaId": "89EE3E31-8F55-4E44-8522-A32D6887AE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127109:*:*:*:*:*:*", "matchCriteriaId": "979ED7B4-FAE3-4E98-A303-290E498FFD81", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127116:*:*:*:*:*:*", "matchCriteriaId": "EDC62E2F-AB97-4008-A52B-9CDC341A06BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127117:*:*:*:*:*:*", "matchCriteriaId": "93DF7023-22AE-4A84-8734-06239013C10C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127118:*:*:*:*:*:*", "matchCriteriaId": "2A128BED-75FA-42F1-9171-CBAEAA2366A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127119:*:*:*:*:*:*", "matchCriteriaId": "5298BB50-8E22-490A-87C7-7F40B7F8F7C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127120:*:*:*:*:*:*", "matchCriteriaId": "39C34F02-E413-4067-B958-86ADF89FA3AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127122:*:*:*:*:*:*", "matchCriteriaId": "A0673E69-A2DB-424C-BBF0-79D729230F1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127123:*:*:*:*:*:*", "matchCriteriaId": "4F062A20-6FFE-479B-9E64-E4771490B041", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127131:*:*:*:*:*:*", "matchCriteriaId": "C598244E-7483-4762-AC27-BD8036FEFE5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127133:*:*:*:*:*:*", "matchCriteriaId": "B188A792-EF1A-4292-BD91-47635706C430", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127134:*:*:*:*:*:*", "matchCriteriaId": "BEFACD7A-D81B-4EDC-9E38-FD93FA0DE456", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127136:*:*:*:*:*:*", "matchCriteriaId": "DF818138-079A-43BE-A8B5-5DA47FA443AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127138:*:*:*:*:*:*", "matchCriteriaId": "27066A8F-75C4-42BF-A54B-543114B92995", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127140:*:*:*:*:*:*", "matchCriteriaId": "A239C6F8-3FC0-4510-B33F-14B25908E68F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127141:*:*:*:*:*:*", "matchCriteriaId": "E8399E84-1344-4472-91F3-F63255911876", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127185:*:*:*:*:*:*", "matchCriteriaId": "8888C77E-04A7-4C34-B497-504F6217E07B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127186:*:*:*:*:*:*", "matchCriteriaId": "7502D92A-3B51-4A76-88D6-E2D76A584075", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127187:*:*:*:*:*:*", "matchCriteriaId": "7E465A5F-C8B0-4AD0-8D6D-4823C5F8153D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127188:*:*:*:*:*:*", "matchCriteriaId": "DBA622D6-CD85-4F0F-8CC3-39FE29754039", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127189:*:*:*:*:*:*", "matchCriteriaId": "A0D2828B-B897-4F1D-B657-436DB3CAC2FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127191:*:*:*:*:*:*", "matchCriteriaId": "98279B6E-8361-45CA-8912-F06972F4BD1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127240:*:*:*:*:*:*", "matchCriteriaId": "A7D879C8-E89F-45C1-9609-80B737080AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127241:*:*:*:*:*:*", "matchCriteriaId": "3D8FD2DE-18D9-4F50-9256-672435059876", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127242:*:*:*:*:*:*", "matchCriteriaId": "F01FEA58-BE5B-4CEC-831D-3BF05A20688D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127243:*:*:*:*:*:*", "matchCriteriaId": "FFD06A39-E943-41B5-B00B-168A6D919C80", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127255:*:*:*:*:*:*", "matchCriteriaId": "49469309-8B9B-4BF1-B80A-226F975FC47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127256:*:*:*:*:*:*", "matchCriteriaId": "C429A23E-3DC0-453F-AAF7-F3237C9C6B6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127257:*:*:*:*:*:*", "matchCriteriaId": "1E3B72F3-2128-4AF1-A9A3-969D9738A24B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127258:*:*:*:*:*:*", "matchCriteriaId": "62C3AE7F-3F84-4C59-BBF8-2E82FAFF7E15", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "A559F75B-FB71-4926-89FC-AC2718F0273C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4FB8882-46AE-485B-82B5-67BF22DDC12C", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127109:*:*:*:*:*:*", "matchCriteriaId": "265DB862-1B39-4B16-9AD9-D8D8190D08D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127122:*:*:*:*:*:*", "matchCriteriaId": "5F476D22-0FA8-4128-833F-2F1E3D15615C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127123:*:*:*:*:*:*", "matchCriteriaId": "A627EFBE-A429-42B8-A461-A7E1CDBBF796", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127138:*:*:*:*:*:*", "matchCriteriaId": "622CDD01-6655-4786-AFB0-C1C2F5D5E0BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127139:*:*:*:*:*:*", "matchCriteriaId": "BDCDF5A9-ACA3-40CE-B163-F8AA7C028A69", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127140:*:*:*:*:*:*", "matchCriteriaId": "5AA4A73B-B9E4-4B69-973E-A2F713037E4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127141:*:*:*:*:*:*", "matchCriteriaId": "DA91290A-E4E0-412D-B5B7-C220B0F3087B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127142:*:*:*:*:*:*", "matchCriteriaId": "0DCF4289-B176-4AEA-8860-9C81F15BFFB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "1CA0315F-27AE-4A5A-A05A-33A876B9C314", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7201B73-EB6C-4233-A8BF-CA5EE2DF6C73", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127109:*:*:*:*:*:*", "matchCriteriaId": "5AF53EDA-45A9-424F-937A-44C7FF7299F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127122:*:*:*:*:*:*", "matchCriteriaId": "C70F7D66-975A-4341-97E7-E6ED80A9F314", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127123:*:*:*:*:*:*", "matchCriteriaId": "43D72341-8C61-4D07-BBFE-D611B41A511C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127138:*:*:*:*:*:*", "matchCriteriaId": "9BC8DCA0-FFC1-4487-8452-E6ED8A9C5A48", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127139:*:*:*:*:*:*", "matchCriteriaId": "5FEDB823-5D06-4C65-9042-D99982395892", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127140:*:*:*:*:*:*", "matchCriteriaId": "18EF9B8C-F8DD-455E-BE93-80EB83374084", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127141:*:*:*:*:*:*", "matchCriteriaId": "89575D64-5969-4C11-8AC1-B48CA97A0558", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127142:*:*:*:*:*:*", "matchCriteriaId": "E115A1C7-23CF-4E61-BC85-8B0884CE5BC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "258C790F-F7FE-4071-BAC2-45AB3D2212FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A1DA3A9-36FB-4BCA-AEEC-231A2C3127D0", "versionEndExcluding": "12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127101:*:*:*:*:*:*", "matchCriteriaId": "0BA30C26-D3D8-447C-BD7A-9BC166C8BF3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127117:*:*:*:*:*:*", "matchCriteriaId": "162E0203-17E1-427E-A351-33F75E8FE5A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127134:*:*:*:*:*:*", "matchCriteriaId": "61FB54BF-7A8F-4EE5-AF42-15E2B69E9DE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127241:*:*:*:*:*:*", "matchCriteriaId": "764139C9-FF6A-4BE0-BAF3-52F403C41393", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127242:*:*:*:*:*:*", "matchCriteriaId": "3D9805F6-1A56-4FBF-8F47-DAA80E4DE9FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127258:*:*:*:*:*:*", "matchCriteriaId": "0458F47B-0456-4005-9AB8-8183C3D1EBAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127259:*:*:*:*:*:*", "matchCriteriaId": "266773C9-96A6-4588-A781-AE1C34B247D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de directory traversal en la funcionalidad uploadMib de ManageEngine OpManager 12.7.258. Una solicitud HTTP especialmente manipulada puede dar lugar a la creaci\u00f3n de archivos arbitrarios. Un atacante puede enviar un archivo MiB malicioso para desencadenar esta vulnerabilidad."}], "id": "CVE-2023-47211", "lastModified": "2024-11-21T08:29:57.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 5.3, "source": "talos-cna@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-08T15:15:25.287", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"}, {"source": "talos-cna@cisco.com", "tags": ["Vendor Advisory"], "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "talos-cna@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}