Introducing ADAudit Plus' Attack Surface Analyzer—Detect 25+ AD attacks and identify risky Azure configurations. Learn more×
 
Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Security Updates

 
close-but
  • How do I find out my Build number?
  • 1 Log in to the ADAudit Plus web console, and click License in the top pane.
  • 2 You will find the build number mentioned below the product version. This is the current build number of ADAudit Plus.

    how-do-find-build-number

Arbitrary Directory Traversal Vulnerability fixed in ADAudit Plus build 7270

Vulnerability details
Severity Low
CVE ID CVE-2023-50785
Affected software versions All ADAudit Plus builds below 7270 [How to find your build number?]
Fixed version Build 7270
Fixed on December 29, 2023

Details

An arbitrary admin only directory traversal vulnerability in ManageEngine ADAudit Plus' Disk Space Analysis has been fixed.

Impact

This vulnerability allows a malicious administrator to list folders in file paths located outside the designated installation directory.

Steps to upgrade

Update your ADAudit Plus instance to the latest build — 7270 — using the service pack.

Acknowledgements

This issue was reported by SAM.

Please contact support@adauditplus.com for more details.

ADAudit Plus Trusted By

Meet all auditing and IT security needs with ADAudit Plus.

  • Active Directory
  • File servers
  • Windows server
  • Workstation
  • Compliance
  • Related Products

A single pane of glass for complete Active Directory Auditing and Reporting

Free Trial Get Quote
Email Download Link