CVE-2019-11676

Опубликовано: 02 мая 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks.

Ссылки

https://www.manageengine.com/products/firewall/release-notes.html
Release Notes
Vendor Advisory
https://www.manageengine.com/products/firewall/release-notes.html
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.2:7020:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.2:7021:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.4:7400:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.6:7600:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.0:8000:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.1:8110:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.3:8300:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.5:8500:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.0:12000:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.2:12200:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:12300:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123008:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123027:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123045:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123057:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123064:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123070:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123083:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123092:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123126:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123129:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123137:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123151:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123156:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123164:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123169:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123177:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123182:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123185:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123186:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123194:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123197:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123208:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123218:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123222:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123223:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.0129

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-2h8j-vgqm-q655