CVE-2023-31099
Published: 04 May 2023
Summary
CVE-2023-31099 is a high-severity an unspecified weakness vulnerability in Zohocorp Manageengine Opmanager. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 1.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Zoho ManageEngine OPManager through version 126323 contains a remote code execution vulnerability that can be triggered through its probe servers. The flaw carries a CVSS 3.1 score of 8.8 and is reachable over the network by any authenticated user without additional user interaction.
An authenticated attacker can leverage the issue to execute arbitrary code on the affected server, resulting in full compromise of confidentiality, integrity, and availability. No special privileges beyond standard authenticated access are required.
Official guidance is available from the vendor at https://www.manageengine.com/network-monitoring/security-updates/cve-2023-31099.html, which directs customers to apply the listed security updates for OPManager.
EPSS for the CVE reached a peak of 0.8494 on 2026-04-16 before receding to the current value of 0.5823, indicating sustained post-disclosure exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-35427
Vulnerability details
Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.