Privileged RCE in ManageEngine Assets Discovery Agent (CVE-2023-22523)
CVE-2023-22523 Published on December 6, 2023
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
Products Associated with CVE-2023-22523
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-22523 are published in these products:
Affected Versions
Atlassian Assets Discovery Cloud:- Version < 1.0.0 is unaffected.
- Version >= 1.0.0 is affected.
- Version >= 1.5.7.0 is affected.
- Version >= 1.5.7.1 is affected.
- Version >= 1.5.7.3 is affected.
- Version >= 1.5.7.4 is affected.
- Version >= 1.6.1.2 is affected.
- Version >= 1.6.2.0 is affected.
- Version >= 1.6.3.0 is affected.
- Version >= 1.6.4.0 is affected.
- Version >= 1.6.4.4 is affected.
- Version >= 1.7.0.0 is affected.
- Version >= 1.7.1.0 is affected.
- Version >= 1.7.2.0 is affected.
- Version >= 1.8.0.0 is affected.
- Version >= 1.8.1.1 is affected.
- Version >= 1.8.1.2 is affected.
- Version >= 1.8.1.3 is affected.
- Version >= 1.8.1.4 is affected.
- Version >= 1.8.1.5 is affected.
- Version >= 1.8.2.0 is affected.
- Version >= 2.0.0.0 is affected.
- Version >= 3.1.0 is affected.
- Version >= 3.1.1 is affected.
- Version >= 3.1.10 is affected.
- Version >= 3.1.11 is affected.
- Version >= 3.1.2 is affected.
- Version >= 3.1.3 is affected.
- Version >= 3.1.4 is affected.
- Version >= 3.1.5 is affected.
- Version >= 3.1.6 is affected.
- Version >= 3.1.7 is affected.
- Version >= 3.1.8 is affected.
- Version >= 3.1.9 is affected.
- Version >= 3.2.0 is unaffected.
- Version < 1.0.0 is unaffected.
- Version >= 1.0.0 is affected.
- Version >= 3.1.0 is affected.
- Version >= 3.1.1 is affected.
- Version >= 3.1.10 is affected.
- Version >= 3.1.11 is affected.
- Version >= 3.1.2 is affected.
- Version >= 3.1.3 is affected.
- Version >= 3.1.4 is affected.
- Version >= 3.1.5 is affected.
- Version >= 3.1.6 is affected.
- Version >= 3.1.7 is affected.
- Version >= 3.1.9 is affected.
- Version >= 6.0.0 is affected.
- Version >= 6.1.10 is affected.
- Version >= 6.1.11 is affected.
- Version >= 6.1.12 is affected.
- Version >= 6.1.13 is affected.
- Version >= 6.1.14 is affected.
- Version >= 6.1.9 is affected.
- Version >= 6.2.0 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.