Privileged RCE in ManageEngine Assets Discovery Agent (CVE-2023-22523)
CVE-2023-22523 Published on December 6, 2023
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
Products Associated with CVE-2023-22523
Want to know whenever a new CVE is published for Atlassian products? stack.watch will email you.
Affected Versions
Atlassian Assets Discovery Cloud:- Version < 1.0.0 is unaffected.
- Version >= 1.0.0 is affected.
- Version >= 1.5.7.0 is affected.
- Version >= 1.5.7.1 is affected.
- Version >= 1.5.7.3 is affected.
- Version >= 1.5.7.4 is affected.
- Version >= 1.6.1.2 is affected.
- Version >= 1.6.2.0 is affected.
- Version >= 1.6.3.0 is affected.
- Version >= 1.6.4.0 is affected.
- Version >= 1.6.4.4 is affected.
- Version >= 1.7.0.0 is affected.
- Version >= 1.7.1.0 is affected.
- Version >= 1.7.2.0 is affected.
- Version >= 1.8.0.0 is affected.
- Version >= 1.8.1.1 is affected.
- Version >= 1.8.1.2 is affected.
- Version >= 1.8.1.3 is affected.
- Version >= 1.8.1.4 is affected.
- Version >= 1.8.1.5 is affected.
- Version >= 1.8.2.0 is affected.
- Version >= 2.0.0.0 is affected.
- Version >= 3.1.0 is affected.
- Version >= 3.1.1 is affected.
- Version >= 3.1.10 is affected.
- Version >= 3.1.11 is affected.
- Version >= 3.1.2 is affected.
- Version >= 3.1.3 is affected.
- Version >= 3.1.4 is affected.
- Version >= 3.1.5 is affected.
- Version >= 3.1.6 is affected.
- Version >= 3.1.7 is affected.
- Version >= 3.1.8 is affected.
- Version >= 3.1.9 is affected.
- Version >= 3.2.0 is unaffected.
- Version < 1.0.0 is unaffected.
- Version >= 1.0.0 is affected.
- Version >= 3.1.0 is affected.
- Version >= 3.1.1 is affected.
- Version >= 3.1.10 is affected.
- Version >= 3.1.11 is affected.
- Version >= 3.1.2 is affected.
- Version >= 3.1.3 is affected.
- Version >= 3.1.4 is affected.
- Version >= 3.1.5 is affected.
- Version >= 3.1.6 is affected.
- Version >= 3.1.7 is affected.
- Version >= 3.1.9 is affected.
- Version >= 6.0.0 is affected.
- Version >= 6.1.10 is affected.
- Version >= 6.1.11 is affected.
- Version >= 6.1.12 is affected.
- Version >= 6.1.13 is affected.
- Version >= 6.1.14 is affected.
- Version >= 6.1.9 is affected.
- Version >= 6.2.0 is unaffected.
Exploit Probability
EPSS
7.19%
Percentile
91.53%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.