検出

ManageEngine Access Manager Plus の認証されていない RCE (CVE-2022-47966)

critical Nessus プラグイン ID 171707

Language:

バージョン 1.28

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

バージョン 1.25

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

バージョン 1.24

Mar 5, 2024, 1:15 AM

  • Logic Changes (Report structured data for RPM version checks.)

Plugin Feed: 202403050115

バージョン 1.21

Feb 9, 2024, 11:22 AM

  • New

Plugin Feed: 202402091122

バージョン 1.20

Feb 5, 2024, 4:13 PM

  • New (Implement a Purl generator.)

Plugin Feed: 202402051613

バージョン 1.18

Dec 5, 2023, 2:37 PM

  • CVSS metrics ("CVSSv2 score" set to 10.0. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")

Plugin Feed: 202312051437

バージョン 1.16

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

バージョン 1.15

Sep 14, 2023, 4:20 PM

  • CVSS metrics ("CVSSv2 score" changed from 10.0 to 7.8. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:M/Au:N/C:C/I:P/A:N")

Plugin Feed: 202309141620

バージョン 1.14

Sep 8, 2023, 10:12 PM

  • CEA reference

Plugin Feed: 202309082212

バージョン 1.13

Sep 1, 2023, 2:16 PM

  • Exploit attributes ("Exploit framework core" set to "True")

Plugin Feed: 202309011416

バージョン 1.12

Jul 17, 2023, 5:15 PM

  • Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii())

Plugin Feed: 202307171715

バージョン 1.11

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

バージョン 1.9

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

バージョン 1.7

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

バージョン 1.5

Apr 4, 2023, 12:12 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202304041212

バージョン 1.3

Mar 8, 2023, 1:05 AM

  • Logic Changes

Plugin Feed: 202303080105

バージョン 1.2

Feb 22, 2023, 7:59 PM

  • CISA reference

Plugin Feed: 202302221959

バージョン 1.1

Feb 22, 2023, 2:14 PM

  • CVSS metrics ("CVSSv2 score" changed from "7.5" to "10.0". "CVSSv2 score" changed from "7.5" to "10.0". "CVSSv2 score" changed from "7.5" to "10.0". "CVSSv2 score" changed from "7.5" to "10.0". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • Exploit attributes ("Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploited by malware" set to "True". "Exploitability ease" set to "Exploits are available". "Exploit framework metasploit" set to "True". "Exploited by malware" set to "True". "Exploitability ease" set to "Exploits are available". "Exploit framework metasploit" set to "True". "Exploited by malware" set to "True". "Exploitability ease" set to "Exploits are available". "Exploit framework metasploit" set to "True")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")

Plugin Feed: 202302221414

バージョン 1.0

Feb 21, 2023, 8:11 PM

  • New

Plugin Feed: 202302212011

* Changelogs are generally available for changes made after Nov 1, 2022