CVEDB API

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.942

EPSS Ranking 99.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2022-28219

Zohocorp » Manageengine Adaudit Plus » Version: N/A

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:-
Zohocorp » Manageengine Adaudit Plus » Version: 4.1.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.1.0
Zohocorp » Manageengine Adaudit Plus » Version: 4.5.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.5.0
Zohocorp » Manageengine Adaudit Plus » Version: 5.0.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.0.0
Zohocorp » Manageengine Adaudit Plus » Version: 5.1

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.1
Zohocorp » Manageengine Adaudit Plus » Version: 6.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0
Zohocorp » Manageengine Adaudit Plus » Version: 7.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0