First published: Tue Apr 11 2023(Updated: )
Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine Applications Manager | <16.3 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16300 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16310 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16320 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2023-28340.
CVE-2023-28340 has a severity rating of 6.5 (medium).
CVE-2023-28340 allows an admin user to conduct an XXE attack.
Zoho ManageEngine Applications Manager version 16.3 through 16320 is affected by CVE-2023-28340.
To fix CVE-2023-28340, update Zoho ManageEngine Applications Manager to a version that is not affected by this vulnerability.