NVD - CVE-2022-24978

Vulnerability Change Records for CVE-2022-24978

Change History

Initial Analysis by NIST 4/12/2022 1:15:56 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CVSS V2		NIST (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Added	CWE		NIST CWE-522
Added	CPE Configuration		OR cpe:2.3:a:zohocorp:manageengine_adaudit_plus::::::::* versions up to (including) 6.0 cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7000::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7002::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7003::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7004::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7005::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7006::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7007::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7008::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7050::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7051::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7052::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7053::::::* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7054::::::*
Changed	Reference Type	https://manageengine.com No Types Assigned	https://manageengine.com Vendor Advisory
Changed	Reference Type	https://pitstop.manageengine.com/portal/en/community/topic/cve-2022-24978-privilege-escalation-vulnerability-manageengine-adaudit-plus No Types Assigned	https://pitstop.manageengine.com/portal/en/community/topic/cve-2022-24978-privilege-escalation-vulnerability-manageengine-adaudit-plus Patch, Vendor Advisory