Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softwareag mashzone nextgen vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-33207
The HTTP client in MashZone NextGen up to and including 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.
Softwareag Mashzone Nextgen
6.5
CVSSv2
CVE-2021-33208
The "Register an Ehcache Configuration File" admin feature in MashZone NextGen up to and including 10.7 GA allows XXE attacks via a malicious XML configuration file.
Softwareag Mashzone Nextgen
6.5
CVSSv2
CVE-2021-33523
MashZone NextGen up to and including 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Softwareag Mashzone Nextgen
6.5
CVSSv2
CVE-2021-33581
MashZone NextGen up to and including 10.7 GA has an SSRF vulnerability that allows an malicious user to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAd...
Softwareag Mashzone Nextgen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started