← volver
CVE-2015-2959

CVE-2015-2959

EPSS 3.4%
Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075http://jvn.jp/en/jp/JVN25598413/index.htmlhttps://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250http://www.securityfocus.com/bid/75065http://www.securitytracker.com/id/1032516