Zoho ADAudit Plus 7.1.1 Audit Bypass via User Account $ Suffix
CVE-2023-32783 Published on August 7, 2023

The event analysis component in Zoho ManageEngine ADAudit Plus 7.1.1 allows an attacker to bypass audit detection by creating or renaming user accounts with a "$" symbol suffix. NOTE: the vendor states "We do not consider this as a security bug and it's an expected behaviour."

NVD

Products Associated with CVE-2023-32783

Want to know whenever a new CVE is published for Zoho Corp Manageengine Adaudit Plus? stack.watch will email you.

Zoho Corp Manageengine Adaudit Plus

Exploit Probability

EPSS

0.14%

Percentile

33.42%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Zoho ADAudit Plus 7.1.1 Audit Bypass via User Account $ SuffixCVE-2023-32783 Published on August 7, 2023

Products Associated with CVE-2023-32783

Exploit Probability

Zoho ADAudit Plus 7.1.1 Audit Bypass via User Account $ Suffix
CVE-2023-32783 Published on August 7, 2023