Vulnerabilities > CVE-2021-20801 - XXE vulnerability in Cybozu Remote Service Manager 3.1.8/3.1.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |