Zoho ManageEngine Analytics Plus OOB XML External Entity Vulnerability v<4.3.5
CVE-2020-21641 Published on August 15, 2022

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file.

NVD

Products Associated with CVE-2020-21641

Want to know whenever a new CVE is published for Zoho Corp Manageengine Analytics Plus? stack.watch will email you.

Zoho Corp Manageengine Analytics Plus

Exploit Probability

EPSS

4.58%

Percentile

89.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Zoho ManageEngine Analytics Plus OOB XML External Entity Vulnerability v<4.3.5CVE-2020-21641 Published on August 15, 2022

Products Associated with CVE-2020-21641

Exploit Probability

Zoho ManageEngine Analytics Plus OOB XML External Entity Vulnerability v<4.3.5
CVE-2020-21641 Published on August 15, 2022