Cyber Resilience

CVE-2023-47211

CriticalPublic PoC

Published: 08 January 2024

Published
08 January 2024
Modified
04 November 2025
KEV Added
Patch
CVSS Score v3.1 9.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
EPSS Score 0.7615 98.9th percentile
Risk Priority 64 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-47211 is a critical-severity Path Traversal (CWE-22) vulnerability in Zohocorp Manageengine Opmanager. Its CVSS base score is 9.1 (Critical).

Operationally, ranked in the top 1.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. The flaw, tracked as CWE-22, allows a specially crafted HTTP request containing a malicious MIB file to result in arbitrary file creation on the affected system. The issue carries a CVSS 3.1 score of 9.1, reflecting network attack vector, low complexity, and required low privileges with changed scope.

An authenticated attacker can send the malicious request remotely to write files outside intended directories. Successful exploitation can lead to high-impact outcomes on confidentiality along with limited integrity and availability effects on the target installation.

Public advisories from ManageEngine and detailed analysis from Cisco Talos are available at the referenced URLs and address the reported issue.

The CVE shows an EPSS score that has reached a peak of 0.8406 with a current value of 0.7615, indicating notable exploitation interest.

EU & UK References

Vulnerability details

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

zohocorp
manageengine firewall analyzer
12.7 · ≤ 12.7
zohocorp
manageengine netflow analyzer
12.7 · ≤ 12.7
zohocorp
manageengine network configuration manager
12.7 · ≤ 12.7
zohocorp
manageengine opmanager
12.7 · ≤ 12.7
zohocorp
manageengine opmanager msp
12.7 · ≤ 12.7
zohocorp
manageengine opmanager plus
12.7 · ≤ 12.7
zohocorp
manageengine oputils
12.7 · ≤ 12.7

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References