CVE-2023-31099 : Zoho ManageEngine OPManager through 126323 allows an authenticated user to achie

Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.

Published 2023-05-04 02:15:19

Updated 2025-01-29 20:15:33

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-31099

Zohocorp » Manageengine Opmanager
Versions before (<) 12.6
cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126000
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126001
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126100
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126101
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126102
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126103
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126113
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126114
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126115
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126116
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126117
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126118
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126119
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126104
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126002
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126168
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126168:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126167
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126167:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126166
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126166:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126165
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126165:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126164
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126164:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126163
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126163:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126162
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126162:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126155
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126155:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126154
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126154:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126151
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126151:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126150
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126150:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126149
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126149:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126148
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126148:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126147
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126147:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126141
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126141:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126136
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126136:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126135
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126135:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126134
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126134:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126132
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126132:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126131
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126131:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126130
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126130:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126121
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126121:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126120
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126120:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126110
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126110:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126109
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126109:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126108
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126108:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126005
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126005:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126004
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126004:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126139
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126139:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126107
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126107:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126122
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126122:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126322
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126322:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126323
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126323:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126169
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126169:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126262
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126262:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126264
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126264:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126275
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126275:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126276
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126276:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126277
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126277:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126278
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126278:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126279
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126279:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126280
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126280:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126283
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126283:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126284
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126284:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126285
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126285:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126290
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126290:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126293
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126293:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126294
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126294:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126295
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126295:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126306
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126306:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126308
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126308:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126310
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126310:*:*:*:*:*:*
Matching versions
Zohocorp » Manageengine Opmanager » Version: 12.6 Update Build126311
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126311:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-31099

EPSS FAQ

19.81%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 95 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-31099

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-01-29
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2023-31099

https://www.manageengine.com/network-monitoring/security-updates/cve-2023-31099.html

Security Updates - CVE-2023-31099 | ManageEngine OpManager
Vendor Advisory
https://manageengine.com

ManageEngine - IT Operations and Service Management Software
Product

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-31099

Products affected by CVE-2023-31099

Exploit prediction scoring system (EPSS) score for CVE-2023-31099

CVSS scores for CVE-2023-31099

References for CVE-2023-31099