Vulnerabilities > CVE-2021-33208 - XXE vulnerability in Softwareag Mashzone Nextgen

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
softwareag
CWE-611
NVD
Published: 2022-03-30
Updated: 2022-04-05

Summary

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file.

Vulnerable Configurations

Part Description Count
Application
Softwareag
1

Common Weakness Enumeration (CWE)

References