CVE-2023-35785

Severity: HIGH | CVSS 8.1/10 | EPSS 2.43%

CVE-2023-35785 is a high-severity vulnerability rated 8.1/10 on the CVSS scale: a two-factor authentication (2FA) bypass affecting a range of Zoho ManageEngine products (the affected builds are listed in the Description below). A valid username and password are required to exploit it. EPSS estimates a 2.43% chance of exploitation in the next 30 days.

Description

Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14204 and below and 143xx 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below, and Support Center Plus 14300 and below are vulnerable to 2FA bypass via a few TOTP authenticators. Note: A valid pair of username and password is required to leverage this vulnerability.

Metrics

CVSS 3.1: 8.1/10
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS probability: 2.43% (82.2nd percentile), the estimated probability of exploitation in the next 30 days.

Affected Software

Vendor    Product                              Version   Update
--------  -----------------------------------  --------  ---------
Zohocorp  Manageengine Ad360                   < 4.3
Zohocorp  Manageengine Ad360                   4.3       4300
Zohocorp  Manageengine Adaudit Plus            < 7.2
Zohocorp  Manageengine Adaudit Plus            7.2       7200
Zohocorp  Manageengine Admanager Plus          < 7.2
Zohocorp  Manageengine Admanager Plus          7.2       7201
Zohocorp  Manageengine Assetexplorer           < 6.9
Zohocorp  Manageengine Assetexplorer           6.9
Zohocorp  Manageengine Assetexplorer           7.0       7000
Zohocorp  Manageengine Cloud Security Plus     < 4.1
Zohocorp  Manageengine Cloud Security Plus     4.1       4100
Zohocorp  Manageengine Datasecurity Plus       < 6.1
Zohocorp  Manageengine Datasecurity Plus       6.1       6100
Zohocorp  Manageengine Eventlog Analyzer       < 12.3.0
Zohocorp  Manageengine Eventlog Analyzer       12.3.0    12300
Zohocorp  Manageengine Exchange Reporter Plus  < 5.7
Zohocorp  Manageengine Exchange Reporter Plus  5.7       5700
Zohocorp  Manageengine Log360                  < 5.3
Zohocorp  Manageengine Log360                  5.3       Build5300
Zohocorp  Manageengine Log360 Ueba             4.0       Build4010
Zohocorp  Manageengine M365 Manager Plus       < 4.5
Zohocorp  Manageengine M365 Manager Plus       4.5       Build4500
Zohocorp  Manageengine M365 Security Plus      < 4.5
Zohocorp  Manageengine M365 Security Plus      4.5       4500
Zohocorp  Manageengine Recoverymanager Plus    < 6.0
Zohocorp  Manageengine Recoverymanager Plus    6.0       Build6001
Zohocorp  Manageengine Servicedesk Plus        < 14.2
Zohocorp  Manageengine Servicedesk Plus        14.2      14200
Zohocorp  Manageengine Servicedesk Plus        14.3      14300
Zohocorp  Manageengine Servicedesk Plus Msp    < 14.3
Zohocorp  Manageengine Servicedesk Plus Msp    14.3      14300
Zohocorp  Manageengine Sharepoint Manager Plus < 4.4
Zohocorp  Manageengine Sharepoint Manager Plus 4.4       4400
Zohocorp  Manageengine Supportcenter Plus      < 14.3
Zohocorp  Manageengine Supportcenter Plus      14.3      14300

Timeline

Status: Modified

Frequently Asked Questions

What is CVE-2023-35785?
A 2FA bypass via a few TOTP authenticators affecting many Zoho ManageEngine products; a valid username and password are required to leverage it. The full list of affected products and builds is given in the Description above.
How severe is CVE-2023-35785?
CVE-2023-35785 has a CVSS score of 8.1/10 (HIGH severity). The EPSS model estimates a 2.43% probability of exploitation in the next 30 days.
How do I fix CVE-2023-35785?
Upgrade to a build later than the affected builds listed in the Description; check the vendor's advisory for the patched versions of each product and for mitigation guidance. Since exploitation requires valid credentials, affected deployments should also treat any compromised password as sufficient for account takeover until patched.

Source: NVD / NIST