CVE-2020-21641

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file.
References
Link Resource
https://www.manageengine.com/analytics-plus/release-notes.html Release Notes Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:*

Information

Published : 2022-08-15 13:15

Updated : 2022-08-16 10:29


NVD link : CVE-2020-21641

Mitre link : CVE-2020-21641


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

zohocorp

  • manageengine_analytics_plus