logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-37425

Description

Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.


Affected Software


CPE Name Name Version
altova:mobiletogether_server altova mobiletogether server 7.3
altova:mobiletogether_server altova mobiletogether server 7.3

Related