CVE-2024-10839: XML External Entity
First published: Fri Nov 08 2024(Updated: )
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
Credit: 0fc0942c-577d-436f-ae8e-945763c79b02
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ManageEngine SharePoint Manager Plus | =4.0-4000 | |
| ManageEngine SharePoint Manager Plus | =4.0-4001 | |
| ManageEngine SharePoint Manager Plus | =4.0-4002 | |
| ManageEngine SharePoint Manager Plus | =4.0-4003 | |
| ManageEngine SharePoint Manager Plus | =4.0-4004 | |
| ManageEngine SharePoint Manager Plus | =4.0-4005 | |
| ManageEngine SharePoint Manager Plus | =4.0-4006 | |
| ManageEngine SharePoint Manager Plus | =4.0-4007 | |
| ManageEngine SharePoint Manager Plus | =4.0-4008 | |
| ManageEngine SharePoint Manager Plus | =4.0-4009 | |
| ManageEngine SharePoint Manager Plus | =4.0-4010 | |
| ManageEngine SharePoint Manager Plus | =4.0-4011 | |
| ManageEngine SharePoint Manager Plus | =4.0-4012 | |
| ManageEngine SharePoint Manager Plus | =4.0-4013 | |
| ManageEngine SharePoint Manager Plus | =4.0-4014 | |
| ManageEngine SharePoint Manager Plus | =4.0-4015 | |
| ManageEngine SharePoint Manager Plus | =4.0-4016 | |
| ManageEngine SharePoint Manager Plus | =4.0-4017 | |
| ManageEngine SharePoint Manager Plus | =4.0-4018 | |
| ManageEngine SharePoint Manager Plus | =4.0-4019 | |
| ManageEngine SharePoint Manager Plus | =4.0-4020 | |
| ManageEngine SharePoint Manager Plus | =4.0-4021 | |
| ManageEngine SharePoint Manager Plus | =4.0-4022 | |
| ManageEngine SharePoint Manager Plus | =4.0-4023 | |
| ManageEngine SharePoint Manager Plus | =4.0-4024 | |
| ManageEngine SharePoint Manager Plus | =4.0-4025 | |
| ManageEngine SharePoint Manager Plus | =4.0-4026 | |
| ManageEngine SharePoint Manager Plus | =4.0-4027 | |
| ManageEngine SharePoint Manager Plus | =4.0-4028 | |
| ManageEngine SharePoint Manager Plus | =4.0-4029 | |
| ManageEngine SharePoint Manager Plus | =4.0-4030 | |
| ManageEngine SharePoint Manager Plus | =4.0-4031 | |
| ManageEngine SharePoint Manager Plus | =4.0-4032 | |
| ManageEngine SharePoint Manager Plus | =4.0-4033 | |
| ManageEngine SharePoint Manager Plus | =4.1-4100 | |
| ManageEngine SharePoint Manager Plus | =4.1-4101 | |
| ManageEngine SharePoint Manager Plus | =4.1-4102 | |
| ManageEngine SharePoint Manager Plus | =4.1-4103 | |
| ManageEngine SharePoint Manager Plus | =4.1-4104 | |
| ManageEngine SharePoint Manager Plus | =4.1-4105 | |
| ManageEngine SharePoint Manager Plus | =4.1-4106 | |
| ManageEngine SharePoint Manager Plus | =4.1-4107 | |
| ManageEngine SharePoint Manager Plus | =4.1-4108 | |
| ManageEngine SharePoint Manager Plus | =4.1-4109 | |
| ManageEngine SharePoint Manager Plus | =4.1-4110 | |
| ManageEngine SharePoint Manager Plus | =4.2-4200 | |
| ManageEngine SharePoint Manager Plus | =4.2-4201 | |
| ManageEngine SharePoint Manager Plus | =4.3-4300 | |
| ManageEngine SharePoint Manager Plus | =4.3-4301 | |
| ManageEngine SharePoint Manager Plus | =4.3-4302 | |
| ManageEngine SharePoint Manager Plus | =4.3-4303 | |
| ManageEngine SharePoint Manager Plus | =4.3-4304 | |
| ManageEngine SharePoint Manager Plus | =4.3-4305 | |
| ManageEngine SharePoint Manager Plus | =4.3-4306 | |
| ManageEngine SharePoint Manager Plus | =4.3-4307 | |
| ManageEngine SharePoint Manager Plus | =4.3-4308 | |
| ManageEngine SharePoint Manager Plus | =4.3-4309 | |
| ManageEngine SharePoint Manager Plus | =4.3-4310 | |
| ManageEngine SharePoint Manager Plus | =4.3-4311 | |
| ManageEngine SharePoint Manager Plus | =4.3-4312 | |
| ManageEngine SharePoint Manager Plus | =4.3-4313 | |
| ManageEngine SharePoint Manager Plus | =4.3-4314 | |
| ManageEngine SharePoint Manager Plus | =4.3-4315 | |
| ManageEngine SharePoint Manager Plus | =4.3-4316 | |
| ManageEngine SharePoint Manager Plus | =4.3-4317 | |
| ManageEngine SharePoint Manager Plus | =4.3-4318 | |
| ManageEngine SharePoint Manager Plus | =4.3-4319 | |
| ManageEngine SharePoint Manager Plus | =4.3-4320 | |
| ManageEngine SharePoint Manager Plus | =4.3-4321 | |
| ManageEngine SharePoint Manager Plus | =4.3-4322 | |
| ManageEngine SharePoint Manager Plus | =4.3-4323 | |
| ManageEngine SharePoint Manager Plus | =4.3-4324 | |
| ManageEngine SharePoint Manager Plus | =4.3-4325 | |
| ManageEngine SharePoint Manager Plus | =4.3-4326 | |
| ManageEngine SharePoint Manager Plus | =4.3-4327 | |
| ManageEngine SharePoint Manager Plus | =4.3-4328 | |
| ManageEngine SharePoint Manager Plus | =4.3-4329 | |
| ManageEngine SharePoint Manager Plus | =4.3-4330 | |
| ManageEngine SharePoint Manager Plus | =4.3-4331 | |
| ManageEngine SharePoint Manager Plus | =4.3-4332 | |
| ManageEngine SharePoint Manager Plus | =4.3-4333 | |
| ManageEngine SharePoint Manager Plus | =4.4-4400 | |
| ManageEngine SharePoint Manager Plus | =4.4-4401 | |
| ManageEngine SharePoint Manager Plus | =4.4-4402 | |
| ManageEngine SharePoint Manager Plus | =4.4-4403 | |
| ManageEngine SharePoint Manager Plus | =4.4-4404 | |
| ManageEngine SharePoint Manager Plus | =4.5-4500 | |
| ManageEngine SharePoint Manager Plus | =4.5-4501 | |
| ManageEngine SharePoint Manager Plus | =4.5-4502 | |
| ManageEngine SharePoint Manager Plus | =4.5-4503 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-10839?
CVE-2024-10839 has a severity rating that indicates a significant risk to systems using affected versions of ManageEngine SharePoint Manager Plus.
How do I fix CVE-2024-10839?
To remediate CVE-2024-10839, upgrade to ManageEngine SharePoint Manager Plus version 4504 or later.
What causes the vulnerability in CVE-2024-10839?
CVE-2024-10839 is caused by an authenticated XML External Entity (XXE) vulnerability in the Management option.
Which versions are vulnerable to CVE-2024-10839?
Versions 4503 and prior of ManageEngine SharePoint Manager Plus are vulnerable to CVE-2024-10839.
Are there any known exploits for CVE-2024-10839?
As of now, there are no publicly disclosed exploits specifically targeting CVE-2024-10839.
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/zohocorp
- canonical/manageengine sharepoint manager plus
- version/manageengine sharepoint manager plus/4.0-4000
- version/manageengine sharepoint manager plus/4.0-4001
- version/manageengine sharepoint manager plus/4.0-4002
- version/manageengine sharepoint manager plus/4.0-4003
- version/manageengine sharepoint manager plus/4.0-4004
- version/manageengine sharepoint manager plus/4.0-4005
- version/manageengine sharepoint manager plus/4.0-4006
- version/manageengine sharepoint manager plus/4.0-4007
- version/manageengine sharepoint manager plus/4.0-4008
- version/manageengine sharepoint manager plus/4.0-4009
- version/manageengine sharepoint manager plus/4.0-4010
- version/manageengine sharepoint manager plus/4.0-4011
- version/manageengine sharepoint manager plus/4.0-4012
- version/manageengine sharepoint manager plus/4.0-4013
- version/manageengine sharepoint manager plus/4.0-4014
- version/manageengine sharepoint manager plus/4.0-4015
- version/manageengine sharepoint manager plus/4.0-4016
- version/manageengine sharepoint manager plus/4.0-4017
- version/manageengine sharepoint manager plus/4.0-4018
- version/manageengine sharepoint manager plus/4.0-4019
- version/manageengine sharepoint manager plus/4.0-4020
- version/manageengine sharepoint manager plus/4.0-4021
- version/manageengine sharepoint manager plus/4.0-4022
- version/manageengine sharepoint manager plus/4.0-4023
- version/manageengine sharepoint manager plus/4.0-4024
- version/manageengine sharepoint manager plus/4.0-4025
- version/manageengine sharepoint manager plus/4.0-4026
- version/manageengine sharepoint manager plus/4.0-4027
- version/manageengine sharepoint manager plus/4.0-4028
- version/manageengine sharepoint manager plus/4.0-4029
- version/manageengine sharepoint manager plus/4.0-4030
- version/manageengine sharepoint manager plus/4.0-4031
- version/manageengine sharepoint manager plus/4.0-4032
- version/manageengine sharepoint manager plus/4.0-4033
- version/manageengine sharepoint manager plus/4.1-4100
- version/manageengine sharepoint manager plus/4.1-4101
- version/manageengine sharepoint manager plus/4.1-4102
- version/manageengine sharepoint manager plus/4.1-4103
- version/manageengine sharepoint manager plus/4.1-4104
- version/manageengine sharepoint manager plus/4.1-4105
- version/manageengine sharepoint manager plus/4.1-4106
- version/manageengine sharepoint manager plus/4.1-4107
- version/manageengine sharepoint manager plus/4.1-4108
- version/manageengine sharepoint manager plus/4.1-4109
- version/manageengine sharepoint manager plus/4.1-4110
- version/manageengine sharepoint manager plus/4.2-4200
- version/manageengine sharepoint manager plus/4.2-4201
- version/manageengine sharepoint manager plus/4.3-4300
- version/manageengine sharepoint manager plus/4.3-4301
- version/manageengine sharepoint manager plus/4.3-4302
- version/manageengine sharepoint manager plus/4.3-4303
- version/manageengine sharepoint manager plus/4.3-4304
- version/manageengine sharepoint manager plus/4.3-4305
- version/manageengine sharepoint manager plus/4.3-4306
- version/manageengine sharepoint manager plus/4.3-4307
- version/manageengine sharepoint manager plus/4.3-4308
- version/manageengine sharepoint manager plus/4.3-4309
- version/manageengine sharepoint manager plus/4.3-4310
- version/manageengine sharepoint manager plus/4.3-4311
- version/manageengine sharepoint manager plus/4.3-4312
- version/manageengine sharepoint manager plus/4.3-4313
- version/manageengine sharepoint manager plus/4.3-4314
- version/manageengine sharepoint manager plus/4.3-4315
- version/manageengine sharepoint manager plus/4.3-4316
- version/manageengine sharepoint manager plus/4.3-4317
- version/manageengine sharepoint manager plus/4.3-4318
- version/manageengine sharepoint manager plus/4.3-4319
- version/manageengine sharepoint manager plus/4.3-4320
- version/manageengine sharepoint manager plus/4.3-4321
- version/manageengine sharepoint manager plus/4.3-4322
- version/manageengine sharepoint manager plus/4.3-4323
- version/manageengine sharepoint manager plus/4.3-4324
- version/manageengine sharepoint manager plus/4.3-4325
- version/manageengine sharepoint manager plus/4.3-4326
- version/manageengine sharepoint manager plus/4.3-4327
- version/manageengine sharepoint manager plus/4.3-4328
- version/manageengine sharepoint manager plus/4.3-4329
- version/manageengine sharepoint manager plus/4.3-4330
- version/manageengine sharepoint manager plus/4.3-4331
- version/manageengine sharepoint manager plus/4.3-4332
- version/manageengine sharepoint manager plus/4.3-4333
- version/manageengine sharepoint manager plus/4.4-4400
- version/manageengine sharepoint manager plus/4.4-4401
- version/manageengine sharepoint manager plus/4.4-4402
- version/manageengine sharepoint manager plus/4.4-4403
- version/manageengine sharepoint manager plus/4.4-4404
- version/manageengine sharepoint manager plus/4.5-4500
- version/manageengine sharepoint manager plus/4.5-4501
- version/manageengine sharepoint manager plus/4.5-4502
- version/manageengine sharepoint manager plus/4.5-4503