Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softwareag mashzone nextgen vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-33581
MashZone NextGen up to and including 10.7 GA has an SSRF vulnerability that allows an malicious user to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAd...
Softwareag Mashzone Nextgen
578
VMScore
CVE-2021-33208
The "Register an Ehcache Configuration File" admin feature in MashZone NextGen up to and including 10.7 GA allows XXE attacks via a malicious XML configuration file.
Softwareag Mashzone Nextgen
668
VMScore
CVE-2021-33207
The HTTP client in MashZone NextGen up to and including 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.
Softwareag Mashzone Nextgen
578
VMScore
CVE-2021-33523
MashZone NextGen up to and including 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Softwareag Mashzone Nextgen
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started