CVE-2023-4769 - OpenCVE

A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Zohocorp	Manageengine Desktop Central

Configuration 1 [-]

cpe:2.3:a:zohocorp:manageengine_desktop_central:9.1.0:*:*:*:*:*:*:*

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-11-03T10:55:13.914Z

Updated: 2023-11-03T10:55:13.914Z

Reserved: 2023-09-05T11:46:03.159Z

Link: CVE-2023-4769

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-03T11:15:08.517

Modified: 2023-11-13T18:29:13.017

Link: CVE-2023-4769

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-4769", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-09-05T11:46:03.159Z", "datePublished": "2023-11-03T10:55:13.914Z", "dateUpdated": "2023-11-03T10:55:13.914Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Desktop Central", "vendor": "ManageEngine", "versions": [{"status": "affected", "version": "9.1.0"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Rafael Pedrero"}], "datePublic": "2023-11-03T11:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests."}], "value": "A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "CAPEC-664 Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-11-03T10:55:13.914Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The vulnerability has been fixed in the latest version of Desktop Central."}], "value": "The vulnerability has been fixed in the latest version of Desktop Central."}], "source": {"discovery": "EXTERNAL"}, "title": "Server-Side Request Forgery in ManageEngine Desktop Central", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_desktop_central:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6AA9C793-55B8-495D-AD2E-2DF886C6BA20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad SSRF en ManageEngine Desktop Central que afecta a la versi\u00f3n 9.1.0, espec\u00edficamente al componente /smtpConfig.do. Esta vulnerabilidad podr\u00eda permitir que un atacante autenticado lance ataques dirigidos, como un ataque entre puertos, enumeraci\u00f3n de servicios y otros ataques a trav\u00e9s de solicitudes HTTP."}], "id": "CVE-2023-4769", "lastModified": "2023-11-13T18:29:13.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2023-11-03T11:15:08.517", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "cve-coordination@incibe.es", "type": "Primary"}]}