U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2022-29457

Change History

Initial Analysis by NIST 4/27/2022 3:38:53 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7000:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7002:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7003:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7004:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7005:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7006:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7007:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7008:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7050:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7051:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7052:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7053:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7054:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0:7055:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* versions up to (excluding) 7.1
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* versions up to (excluding) 6.1
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6104:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6105:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6106:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6107:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6108:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6109:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6110:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6111:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6112:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6113:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6114:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6115:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6116:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6117:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6118:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6119:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6120:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:* versions up to (excluding) 5.7
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5700:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-522
Changed Reference Type
https://docs.unsafe-inline.com/0day/multiple-manageengine-applications-critical-information-disclosure-vulnerability No Types Assigned
https://docs.unsafe-inline.com/0day/multiple-manageengine-applications-critical-information-disclosure-vulnerability Exploit, Patch, Third Party Advisory
Changed Reference Type
https://www.manageengine.com/products/self-service-password/release-notes.html No Types Assigned
https://www.manageengine.com/products/self-service-password/release-notes.html Release Notes, Vendor Advisory