Lucene search
JpcertCVELIST:CVE-2015-2959HistoryJun 09, 2015 - 12:00 a.m.
CVE-2015-2959
2015-06-0900:00:00
jpcert
www.cve.org
Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
References
jvn.jp/en/jp/JVN25598413/index.html
jvndb.jvn.jp/jvndb/JVNDB-2015-000075
www.securityfocus.com/bid/75065
www.securitytracker.com/id/1032516
support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250
Related
nvd
nvd
CVE-2015-2959
2015-06-09 00:59:01
prion
prion
Authorization
2015-06-09 00:59:00
cve
cve
CVE-2015-2959
2015-06-09 00:59:01
jvn
jvn
JVN#25598413: NetFlow Analyzer fails to restrict access permissions
2015-06-05 00:00:00