CVE-2023-48793

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 2, 2024

Updated: Jul 3, 2024

CWE ID 89

Summary

CVE-2023-48793 is a newly discovered vulnerability affecting Zoho ManageEngine ADAudit Plus, specifically versions prior to 7251. Hackers can exploit this SQL Injection flaw in the aggregate report feature, gaining unauthorized access to sensitive data. This issue poses a significant risk to organizations using ADAudit Plus, allowing attackers to execute malicious SQL queries and potentially steal confidential information. It is recommended that users upgrade to the latest version of the software as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ADAudit Plus

Affected Vendors

Zoho Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/teysnq
https://www.cve.org/CVERecord?id=CVE-2023-48793
https://nvd.nist.gov/vuln/detail/CVE-2023-48793

Back to Vulnerability Database