Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
History

Wed, 13 Nov 2024 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Zohocorp
Zohocorp manageengine Sharepoint Manager Plus
CPEs cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4003:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4004:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4005:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4006:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4007:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4008:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4009:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4011:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4012:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4013:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4014:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4015:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4016:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4017:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4018:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4019:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4021:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4022:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4023:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4024:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4025:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4026:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4027:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4028:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4029:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4030:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4031:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4032:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.0:4033:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4103:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4104:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4105:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4106:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4107:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4108:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4109:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.1:4110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.2:4200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.2:4201:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4301:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4302:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4303:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4304:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4305:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4306:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4307:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4308:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4309:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4310:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4311:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4312:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4313:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4314:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4315:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4316:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4317:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4318:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4319:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4320:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4321:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4322:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4323:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4324:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4325:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4326:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4327:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4328:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4329:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4330:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4331:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4332:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.3:4333:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4400:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4401:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4402:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4403:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4404:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.5:4500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.5:4501:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.5:4502:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.5:4503:*:*:*:*:*:*
Vendors & Products Zohocorp
Zohocorp manageengine Sharepoint Manager Plus

Fri, 08 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 08 Nov 2024 11:15:00 +0000

Type Values Removed Values Added
Description Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
Title XML External Entity
Weaknesses CWE-611
References
Metrics cvssV3_1

{'score': 8.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ManageEngine

Published: 2024-11-08T10:58:19.228Z

Updated: 2024-11-08T14:18:57.843Z

Reserved: 2024-11-05T05:54:33.831Z

Link: CVE-2024-10839

cve-icon Vulnrichment

Updated: 2024-11-08T14:18:53.787Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-08T11:15:03.603

Modified: 2024-11-13T20:19:01.647

Link: CVE-2024-10839

cve-icon Redhat

No data.