Published: 17/06/2022 Updated: 14/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).

Vulnerable Product	Search on Vulmon	Subscribe to Product
rocketsoftware ags-zena 4.2.1

Zena Housekeeping notes: The original CookieMonster Repo can be found here githubcom/JetP1ane/zena Rocket Software Patch Release notes docsrocketsoftwarecom/bundle/ven1649700711249/page/ayk1652945111726html CVE-2021-45026 Stored XSS CVE-2021-45025 Cleartext Storage of Sensitive Information in a Cookie Researchers: James Barnett and Jeffrey Green Zena CookieM

CWE-611 http://asg.com https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html http://asg-zena.com https://nvd.nist.gov https://github.com/cptsticky/xxe-zena

CVE-2021-45024

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect