CVE-2023-35785

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2023-35785
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2023-08-28 20:15:00 UTC
Updated2024-03-12 17:33:00 UTC
DescriptionZoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14204 and below and 143xx 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below, and Support Center Plus 14300 and below are vulnerable to 2FA bypass via a few TOTP authenticators. Note: A valid pair of username and password is required to leverage this vulnerability.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Zohocorp Manageengine Ad360 All All All All
Application Zohocorp Manageengine Ad360 4.3 4300 All All
Application Zohocorp Manageengine Ad360 4.3 4302 All All
Application Zohocorp Manageengine Ad360 4.3 4303 All All
Application Zohocorp Manageengine Ad360 4.3 4304 All All
Application Zohocorp Manageengine Ad360 4.3 4305 All All
Application Zohocorp Manageengine Ad360 4.3 4306 All All
Application Zohocorp Manageengine Ad360 4.3 4308 All All
Application Zohocorp Manageengine Ad360 4.3 4309 All All
Application Zohocorp Manageengine Ad360 4.3 4310 All All
Application Zohocorp Manageengine Ad360 4.3 4312 All All
Application Zohocorp Manageengine Ad360 4.3 4313 All All
Application Zohocorp Manageengine Ad360 4.3 4314 All All
Application Zohocorp Manageengine Ad360 4.3 4315 All All
Application Zohocorp Manageengine Adaudit Plus All All All All
Application Zohocorp Manageengine Adaudit Plus 7.2 7200 All All
Application Zohocorp Manageengine Adaudit Plus 7.2 7201 All All
Application Zohocorp Manageengine Adaudit Plus 7.2 7202 All All
Application Zohocorp Manageengine Admanager Plus All All All All
Application Zohocorp Manageengine Admanager Plus 7.2 7201 All All
Application Zohocorp Manageengine Assetexplorer All All All All
Application Zohocorp Manageengine Assetexplorer 6.9 - All All
Application Zohocorp Manageengine Assetexplorer 6.9 6900 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6901 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6902 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6903 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6904 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6905 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6906 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6907 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6908 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6909 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6950 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6951 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6952 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6953 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6954 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6955 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6956 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6957 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6970 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6971 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6972 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6973 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6974 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6975 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6976 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6977 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6978 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6979 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6980 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6981 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6982 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6983 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6984 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6985 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6986 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6987 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6988 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6989 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6990 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6991 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6992 All All
Application Zohocorp Manageengine Assetexplorer 6.9 6993 All All
Application Zohocorp Manageengine Assetexplorer 7.0 7000 All All
Application Zohocorp Manageengine Assetexplorer 7.0 7001 All All
Application Zohocorp Manageengine Cloud Security Plus All All All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4100 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4101 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4102 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4103 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4104 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4105 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4106 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4107 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4108 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4109 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4110 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4111 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4112 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4113 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4115 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4116 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4117 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4118 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4119 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4120 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4121 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4122 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4130 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4131 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4140 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4141 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4150 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4160 All All
Application Zohocorp Manageengine Cloud Security Plus 4.1 4161 All All
Application Zohocorp Manageengine Datasecurity Plus All All All All
Application Zohocorp Manageengine Datasecurity Plus 6.1 6100 All All
Application Zohocorp Manageengine Datasecurity Plus 6.1 6101 All All
Application Zohocorp Manageengine Datasecurity Plus 6.1 6110 All All
Application Zohocorp Manageengine Eventlog Analyzer All All All All
Application Zohocorp Manageengine Eventlog Analyzer 12.3.0 12300 All All
Application Zohocorp Manageengine Eventlog Analyzer 12.3.0 12301 All All
Application Zohocorp Manageengine Exchange Reporter Plus All All All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5700 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5701 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5702 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5703 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5704 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5705 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5706 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5707 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5708 All All
Application Zohocorp Manageengine Exchange Reporter Plus 5.7 5709 All All
Application Zohocorp Manageengine Log360 All All All All
Application Zohocorp Manageengine Log360 5.3 build5300 All All
Application Zohocorp Manageengine Log360 5.3 build5301 All All
Application Zohocorp Manageengine Log360 5.3 build5302 All All
Application Zohocorp Manageengine Log360 5.3 build5305 All All
Application Zohocorp Manageengine Log360 5.3 build5310 All All
Application Zohocorp Manageengine Log360 5.3 build5311 All All
Application Zohocorp Manageengine Log360 5.3 build5315 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4010 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4011 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4015 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4016 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4020 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4021 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4023 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4024 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4025 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4026 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4027 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4028 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4030 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4031 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4034 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4035 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4036 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4040 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4043 All All
Application Zohocorp Manageengine Log360 Ueba 4.0 build4045 All All
Application Zohocorp Manageengine M365 Manager Plus All All All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4500 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4502 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4503 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4504 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4505 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4507 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4508 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4509 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4510 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4511 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4512 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4513 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4514 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4516 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4517 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4518 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4519 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4520 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4523 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4525 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4527 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4528 All All
Application Zohocorp Manageengine M365 Manager Plus 4.5 build4529 All All
Application Zohocorp Manageengine M365 Security Plus All All All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4500 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4502 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4503 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4504 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4505 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4507 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4508 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4509 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4510 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4511 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4512 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4513 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4514 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4516 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4517 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4518 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4519 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4520 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4523 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4525 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4527 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4528 All All
Application Zohocorp Manageengine M365 Security Plus 4.5 4529 All All
Application Zohocorp Manageengine Recoverymanager Plus All All All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6001 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6003 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6005 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6011 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6016 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6017 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6020 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6025 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6026 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6030 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6031 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6032 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6041 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6042 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6043 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6044 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6047 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6049 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6050 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6051 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6053 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6054 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6056 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6057 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6058 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6060 All All
Application Zohocorp Manageengine Recoverymanager Plus 6.0 build6061 All All
Application Zohocorp Manageengine Servicedesk Plus All All All All
Application Zohocorp Manageengine Servicedesk Plus 14.2 14200 All All
Application Zohocorp Manageengine Servicedesk Plus 14.2 14201 All All
Application Zohocorp Manageengine Servicedesk Plus 14.2 14202 All All
Application Zohocorp Manageengine Servicedesk Plus 14.2 14203 All All
Application Zohocorp Manageengine Servicedesk Plus 14.2 14204 All All
Application Zohocorp Manageengine Servicedesk Plus 14.3 14300 All All
Application Zohocorp Manageengine Servicedesk Plus 14.3 14301 All All
Application Zohocorp Manageengine Servicedesk Plus 14.3 14302 All All
Application Zohocorp Manageengine Servicedesk Plus Msp All All All All
Application Zohocorp Manageengine Servicedesk Plus Msp 14.3 14300 All All
Application Zohocorp Manageengine Sharepoint Manager Plus All All All All
Application Zohocorp Manageengine Sharepoint Manager Plus 4.4 4400 All All
Application Zohocorp Manageengine Sharepoint Manager Plus 4.4 4401 All All
Application Zohocorp Manageengine Sharepoint Manager Plus 4.4 4402 All All
Application Zohocorp Manageengine Supportcenter Plus All All All All
Application Zohocorp Manageengine Supportcenter Plus 14.3 14300 All All

References

ReferenceSourceLinkTags
ManageEngine: IT security, operations & service management MISC manageengine.com
ManageEngine Security Advisories MISC www.manageengine.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 378838 Zoho ManageEngine TFA bypass Vulnerability
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report