high
8.5
CWE
611
Advisory Published
Updated

CVE-2024-10839: XML External Entity

First published: Fri Nov 08 2024(Updated: )

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.

Credit: 0fc0942c-577d-436f-ae8e-945763c79b02

Affected SoftwareAffected VersionHow to fix
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4000
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4001
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4002
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4003
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4004
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4005
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4006
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4007
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4008
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4009
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4010
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4011
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4012
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4013
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4014
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4015
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4016
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4017
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4018
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4019
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4020
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4021
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4022
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4023
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4024
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4025
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4026
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4027
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4028
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4029
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4030
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4031
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4032
Zohocorp ManageEngine SharePoint Manager Plus=4.0-4033
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4100
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4101
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4102
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4103
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4104
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4105
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4106
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4107
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4108
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4109
Zohocorp ManageEngine SharePoint Manager Plus=4.1-4110
Zohocorp ManageEngine SharePoint Manager Plus=4.2-4200
Zohocorp ManageEngine SharePoint Manager Plus=4.2-4201
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4300
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4301
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4302
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4303
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4304
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4305
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4306
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4307
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4308
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4309
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4310
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4311
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4312
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4313
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4314
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4315
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4316
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4317
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4318
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4319
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4320
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4321
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4322
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4323
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4324
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4325
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4326
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4327
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4328
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4329
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4330
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4331
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4332
Zohocorp ManageEngine SharePoint Manager Plus=4.3-4333
Zohocorp ManageEngine SharePoint Manager Plus=4.4-4400
Zohocorp ManageEngine SharePoint Manager Plus=4.4-4401
Zohocorp ManageEngine SharePoint Manager Plus=4.4-4402
Zohocorp ManageEngine SharePoint Manager Plus=4.4-4403
Zohocorp ManageEngine SharePoint Manager Plus=4.4-4404
Zohocorp ManageEngine SharePoint Manager Plus=4.5-4500
Zohocorp ManageEngine SharePoint Manager Plus=4.5-4501
Zohocorp ManageEngine SharePoint Manager Plus=4.5-4502
Zohocorp ManageEngine SharePoint Manager Plus=4.5-4503

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203