Softwareag Mashzone Nextgen

Do you want an email whenever new security vulnerabilities are reported in Softwareag Mashzone Nextgen?

By the Year

In 2024 there have been 0 vulnerabilities in Softwareag Mashzone Nextgen . Mashzone Nextgen did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	0	0.00
2022	4	7.85
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Mashzone Nextgen vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Softwareag Mashzone Nextgen Security Vulnerabilities

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.

CVE-2021-33207 9.8 - Critical - April 05, 2022

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.

Marshaling, Unmarshaling

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver

CVE-2021-33523 7.2 - High - March 30, 2022

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA

CVE-2021-33208 7.2 - High - March 30, 2022

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file.

XXE

MashZone NextGen through 10.7 GA has an SSRF vulnerability

CVE-2021-33581 7.2 - High - March 30, 2022

MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService.

XSPA

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Softwareag Mashzone Nextgen or by Softwareag? Click the Watch button to subscribe.

Softwareag
Vendor

Softwareag Mashzone Nextgen
Product

By the Year

Recent Softwareag Mashzone Nextgen Security Vulnerabilities

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code. CVE-2021-33207 9.8 - Critical - April 05, 2022

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver CVE-2021-33523 7.2 - High - March 30, 2022

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA CVE-2021-33208 7.2 - High - March 30, 2022

MashZone NextGen through 10.7 GA has an SSRF vulnerability CVE-2021-33581 7.2 - High - March 30, 2022