PT-2024-1428 · Zoho · Zoho ManageEngine ADAudit Plus

Published 2024-01-24 · Updated 2024-10-28 · CVE-2023-50785

CVSS v2.0: 3.3 (Low)

Vector: AV:N/AC:L/Au:M/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Zoho ManageEngine ADAudit Plus versions prior to 7270

Description

The issue stems from improper restriction of pathnames to a restricted directory, which allows admin users to view the names of arbitrary directories via path traversal. This could enable a remote attacker to gain unauthorized access to confidential information.

Recommendations

For versions prior to 7270, update to version 7270 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.

Fix

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2024-00903
CVE-2023-50785

Affected Products

Zoho ManageEngine ADAudit Plus