CVE-2023-32783

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ADAudit Plus version 7.1.1

Description The event analysis component in Zoho ManageEngine ADAudit Plus allows an attacker to bypass audit detection by creating or renaming user accounts with a "$" symbol suffix. The vendor states that this behavior is expected and not considered a security bug.

Recommendations For Zoho ManageEngine ADAudit Plus version 7.1.1, consider restricting the creation or renaming of user accounts with a "$" symbol suffix to minimize the risk of audit detection bypass. As a temporary workaround, monitor user account activity closely for any suspicious behavior related to accounts with the "$" symbol suffix. At the moment, there is no information about a newer version that contains a fix for this issue.