Design/Logic Flaw

2023-04-1101:15:00

PRIOn knowledge base

www.prio-n.com

zoho manageengine

applications manager

xxe attack

vulnerability

nvd

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

JSON

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.

CPENameOperatorVersion
manageengine_applications_managerlt16.3
manageengine_applications_managereq16.3 build16310
manageengine_applications_managereq16.3 build16320
manageengine_applications_managereq16.3 build16300

Name	Operator	Version
manageengine_applications_manager	lt	16.3
manageengine_applications_manager	eq	16.3 build16310
manageengine_applications_manager	eq	16.3 build16320
manageengine_applications_manager	eq	16.3 build16300