CVE-2022-47523 – High Severity Vulnerability in ManageEngine Credential Management Products


Between the 28th and 30th of December 2022, Zoho released security updates to address a SQL injection vulnerability it had identified, designated CVE-2022-47523. Zoho later published an advisory summarizing the affected products and the remediation for each.

This vulnerability affects several credential management products: ManageEngine PAM360, ManageEngine Access Manager Plus, and ManageEngine Password Manager Pro. In the release notes for the affected products, Zoho indicated that, when exploited, the vulnerability can allow any user to access the backend database.

Credential management software has proven to be an attractive target for threat actors, particularly in ransomware and extortionware campaigns, because a compromised vault yields working credentials for the rest of the environment. The Cybersecurity & Infrastructure Security Agency (CISA) presently lists 6 ManageEngine vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog. In September 2022, a vulnerability affecting the same three products described in this bulletin was added to that list.

While Arctic Wolf is not aware of active exploitation of CVE-2022-47523 at this time, we strongly recommend that all organizations running the affected products upgrade to a fixed version as soon as possible.

Recommendations for CVE-2022-47523 

Recommendation: Patch Vulnerable Versions of PAM360, Access Manager Plus, and Password Manager Pro

Our primary recommendation is to install the latest updates for the following products, as described in Zoho's advisory. The build numbers below are the ones Zoho lists; compare them against the build shown in your installation's About page or release notes.

Product                 Vulnerable Versions    Fixed Version
Password Manager Pro    12200 and below        12210
PAM360                  5800 and below         5801
Access Manager Plus     4308 and below         4309
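The following script is an added example for triaging an inventory against the table above; it is not Arctic Wolf or Zoho tooling. It assumes an inventory exported as CSV with host, product and build columns (the rows embedded below are constructed sample data, not real hosts). The fixed-build thresholds are the ones from the advisory table; everything else is an assumption made for illustration.

```python
"""Flag ManageEngine hosts still on builds affected by CVE-2022-47523.

Added example, not Arctic Wolf or Zoho tooling. Thresholds are taken from the
advisory table; the inventory rows below are constructed sample data.
"""
import csv
import io

# First fixed build per product, as published in Zoho's advisory.
FIXED_BUILDS = {
    "password manager pro": 12210,
    "pam360": 5801,
    "access manager plus": 4309,
}

# Constructed sample inventory (host, product, build); hostnames are invented.
SAMPLE_INVENTORY = """\
host,product,build
pmp-01.corp.example,Password Manager Pro,12200
pmp-02.corp.example,Password Manager Pro,12210
pam-01.corp.example,PAM360,5800
pam-02.corp.example,PAM360,5801
amp-01.corp.example,Access Manager Plus,4308
amp-02.corp.example,Access Manager Plus,4309
amp-03.corp.example,Access Manager Plus,n/a
"""


def assess(product: str, build: str) -> str:
    """Return 'vulnerable', 'fixed' or 'unknown' for one product/build pair.

    Builds are compared as integers on purpose: a string comparison would rank
    '5801' above '12210' and silently misclassify hosts.
    """
    key = product.strip().lower()
    if key not in FIXED_BUILDS:
        return "unknown"  # not one of the three affected products
    try:
        build_number = int(build.strip())
    except ValueError:
        return "unknown"  # missing or malformed build, cannot clear it
    return "fixed" if build_number >= FIXED_BUILDS[key] else "vulnerable"


def triage(inventory_csv: str) -> dict:
    """Parse a CSV inventory and map each host to its assessment."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: assess(row["product"], row["build"]) for row in reader}


def needs_patch(inventory_csv: str) -> list:
    """Hosts to act on: vulnerable builds plus any that could not be assessed.

    'unknown' is treated as work to do rather than as cleared, so a blank build
    field never hides an unpatched instance.
    """
    return sorted(host for host, status in triage(inventory_csv).items()
                  if status != "fixed")


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:24} {status}")
    print("needs patch:", ", ".join(needs_patch(SAMPLE_INVENTORY)))
```

Two design choices matter here: build numbers are compared numerically rather than as strings, and a host whose build cannot be read is reported alongside the vulnerable ones instead of being dropped, since an instance you cannot verify has to be checked by hand before it can be considered patched.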


Adrian Korn

Adrian Korn is a seasoned cyber security professional with more than seven years' experience in cyber threat intelligence, threat detection, and security operations. He currently serves as the Manager of Threat Intelligence Research at Arctic Wolf Labs. Adrian has been a guest speaker on intelligence-related topics at numerous conferences around the world, including DEF CON's Recon Village, Hackfest, and the Australian OSINT Symposium.