[CVE-2022-28219] Unauthenticated Remote Code Execution Vulnerability - ManageEngine ADAudit Plus


Severity: Critical

 

CVEID: CVE-2022-28219

 

Affected Software Version(s): All ADAudit Plus builds below 7060

 

Fixed Version(s): Build 7060

 

Fixed on: 30th March, 2022

 

Details: ManageEngine ADAudit Plus exposed endpoints reachable without authentication that were vulnerable to XML External Entity (XXE) injection, Java deserialization and path traversal. Chained together, these flaws allowed an unauthenticated attacker to achieve remote code execution. This issue has been fixed.
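The advisory names three bug classes but gives no technical detail, so the following is an added example written for this page, not ManageEngine's code or patch. It shows the standard defensive check for each class: refusing DTDs before an XML parser can resolve an external entity, confining a user-supplied path under a base directory with a prefix check that cannot be fooled by a sibling directory, and flagging request bodies that carry a Java serialization stream header (raw or Base64). The function names, the base directory and every sample payload are hypothetical and constructed for illustration.

```python
"""Defensive checks for the three bug classes the advisory names.

Added illustration for this page: generic guards, not ManageEngine's code or
patch. All sample inputs below are constructed, not captured traffic.
"""
import os
import xml.parsers.expat

# Stream header written by java.io.ObjectOutputStream (STREAM_MAGIC + version),
# and its Base64 form, which is how it usually appears in HTTP bodies.
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"
JAVA_SERIAL_MAGIC_B64 = b"rO0AB"


class UnsafeInput(ValueError):
    """Raised when a guard rejects attacker-controlled input."""


def parse_xml_without_dtd(data: bytes) -> dict:
    """Parse XML with expat, refusing any DOCTYPE or entity declaration.

    External entities are the mechanism behind XXE, so the robust fix is to
    reject DTDs outright rather than try to filter individual entities.
    Returns {tag: text} for elements that carry text (enough for a demo).
    """
    parser = xml.parsers.expat.ParserCreate()
    parser.buffer_text = True
    found, text = {}, []

    def start_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeInput(f"DOCTYPE not allowed (name={name!r}, system id={sysid!r})")

    def entity_decl(name, is_param, value, base, sysid, pubid, notation):
        raise UnsafeInput(f"entity declaration not allowed: {name!r}")

    def start(tag, attrs):
        text.append("")

    def chars(s):
        if text:
            text[-1] += s

    def end(tag):
        value = text.pop().strip()
        if value:
            found[tag] = value

    parser.StartDoctypeDeclHandler = start_doctype
    parser.EntityDeclHandler = entity_decl
    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    parser.Parse(data, True)  # an exception raised in a handler propagates here
    return found


def resolve_under(base_dir: str, user_path: str) -> str:
    """Join a user-supplied path under base_dir and refuse anything that escapes.

    realpath() collapses '..' and symlinks; commonpath() (not str.startswith)
    stops '/opt/app/data2' from passing as inside '/opt/app/data'.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise UnsafeInput(f"path escapes {base!r}: {user_path!r}")
    return target


def looks_like_java_serialized(body: bytes) -> bool:
    """Flag a request body that begins with a Java serialization stream."""
    head = body.lstrip()[:5]
    return head.startswith(JAVA_SERIAL_MAGIC) or head.startswith(JAVA_SERIAL_MAGIC_B64)


def rejected(fn, *args) -> bool:
    """True if fn(*args) is refused by a guard, False if it is accepted."""
    try:
        fn(*args)
    except UnsafeInput:
        return True
    return False


# Constructed samples (hypothetical; not taken from the advisory or real traffic).
XXE_SAMPLE = (
    b'<?xml version="1.0"?>\n'
    b'<!DOCTYPE data [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>\n'
    b"<data><name>&xxe;</name></data>"
)
CLEAN_SAMPLE = b"<data><host>dc01</host><build>7060</build></data>"
SERIALIZED_SAMPLE = JAVA_SERIAL_MAGIC + b"\x73\x72\x00\x11java.util.HashMap"
SERIALIZED_B64_SAMPLE = b"rO0ABXNyABFqYXZhLnV0aWwuSGFzaE1hcA=="

if __name__ == "__main__":
    print("clean XML ->", parse_xml_without_dtd(CLEAN_SAMPLE))
    print("XXE payload rejected ->", rejected(parse_xml_without_dtd, XXE_SAMPLE))
    print("safe path ->", resolve_under("/opt/app/data", "reports/2022-03.log"))
    print("traversal rejected ->", rejected(resolve_under, "/opt/app/data", "../../etc/passwd"))
    print("serialized body ->", looks_like_java_serialized(SERIALIZED_SAMPLE))
```

These guards are defence in depth for code you maintain yourself or for a filtering proxy in front of an appliance; for ADAudit Plus the fix is the vendor build, since none of these checks can be applied inside the product. The serialization check is a detection aid, not a substitute for removing deserialization of untrusted input.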

 

Impact: An unauthenticated attacker could remotely execute arbitrary code on the ADAudit Plus server.

 

Steps to Upgrade: Update your ADAudit Plus instance to build 7060 or later by applying the service pack.

 

Acknowledgments: This issue was reported by Naveen Sunkavally at Horizon3.ai.