CVE-2022-36923

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.manageengine.com/itom/advisory/cve-2022-36923.html Vendor Advisory
https://www.manageengine.com/itom/advisory/cve-2022-36923.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*
History

27 Aug 2025, 19:15

Type Values Removed Values Added
CWE CWE-284

21 Nov 2024, 07:14

Type Values Removed Values Added
References () https://www.manageengine.com/itom/advisory/cve-2022-36923.html - Vendor Advisory () https://www.manageengine.com/itom/advisory/cve-2022-36923.html - Vendor Advisory
Information

Published : 2022-08-10 20:16

Updated : 2025-09-24 19:43

NVD link : CVE-2022-36923

Mitre link : CVE-2022-36923

CVE.ORG link : CVE-2022-36923

JSON object : View

Products Affected

zohocorp

  • manageengine_opmanager_plus
  • manageengine_opmanager
  • manageengine_opmanager_msp
  • manageengine_oputils
  • manageengine_netflow_analyzer
  • manageengine_network_configuration_manager
  • manageengine_firewall_analyzer
CWE
CWE-755

Improper Handling of Exceptional Conditions

CWE-284

Improper Access Control