Lucene search
K
SoftwareagMashzone Nextgen

4 matches found

CVE
CVE
added 2022/03/30 10:6 p.m.90 views

CVE-2021-33523

MashZone NextGen (up to 10.7 GA) contains a vulnerability where a remote authenticated user with admin-console access can upload a JDBC driver via com.idsscheer.ppmmashup.business.jdbc.DriverUploadController, allowing execution of arbitrary commands on the underlying host. The Red Hat and NVD ent...

7.2CVSS7.1AI score0.01775EPSS
CVE
CVE
added 2022/03/30 9:47 p.m.87 views

CVE-2021-33581

MashZone NextGen up to 10.7 GA is affected by SSRF in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService, allowing an attacker to interact with arbitrary TCP services by abusing the availability-check feature for a PPM connection. Affected product is MashZone NextGen; the root cau...

7.2CVSS6.9AI score0.01234EPSS
CVE
CVE
added 2022/03/30 9:52 p.m.80 views

CVE-2021-33208

CVE-2021-33208 – MashZone NextGen : Affected product is MashZone NextGen (through 10.7 GA; earlier versions implied by “through 10.7 GA”). The vulnerability is in the admin feature Register an Ehcache Configuration File , caused by an XML external entity (XXE) flaw in processing a malicious XML c...

7.2CVSS6.8AI score0.01106EPSS
CVE
CVE
added 2022/04/05 2:1 a.m.79 views

CVE-2021-33207

CVE-2021-33207 affects Software AG MashZone NextGen up to version 10.7 GA. The vulnerability arises in the HTTP client, which deserializes untrusted data when processing an HTTP response with status code 570. Connected sources confirm the affected product and the root cause (deserialization of un...

9.8CVSS9.3AI score0.01562EPSS