CVE-2023-32783

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 7, 2023

Updated: Aug 2, 2024

CWE ID 863

Summary

CVE-2023-32783 is a vulnerability affecting Zoho ManageEngine ADAudit Plus version 7.1.1. Hackers can exploit this issue by creating or renaming user accounts with a "$" symbol suffix, bypassing audit detection. Although the vendor considers it an expected behavior and not a security bug, it may still expose organizations to unintended access and potential security risks. It is recommended that users upgrade to a newer version or apply the necessary patches to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ADAudit Plus

Affected Vendors

Zoho Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sQRzv0
https://www.cve.org/CVERecord?id=CVE-2023-32783
https://nvd.nist.gov/vuln/detail/CVE-2023-32783

Back to Vulnerability Database