ZOHO ManageEngine NetFlow Analyzer CVE-2018-10803 HTML Injection Vulnerability
BID:104251
CVE-2018-10803 |Info
ZOHO ManageEngine NetFlow Analyzer CVE-2018-10803 HTML Injection Vulnerability
| Bugtraq ID: | 104251 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-10803 |
| Remote: | Yes |
| Local: | No |
| Published: | May 10 2018 12:00AM |
| Updated: | May 10 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Zohocorp ManageEngine NetFlow Analyzer 12.3.107 Zohocorp ManageEngine NetFlow Analyzer 12.3.83 Zohocorp ManageEngine NetFlow Analyzer 12.3.81 Zohocorp ManageEngine NetFlow Analyzer 12.3.70 Zohocorp ManageEngine NetFlow Analyzer 12.3.62 Zohocorp ManageEngine NetFlow Analyzer 12.3.57 Zohocorp ManageEngine NetFlow Analyzer 12.3.52 Zohocorp ManageEngine NetFlow Analyzer 12.3.47 Zohocorp ManageEngine NetFlow Analyzer 12.3.33 Zohocorp ManageEngine NetFlow Analyzer 12.3.29 Zohocorp ManageEngine NetFlow Analyzer 12.3.14 Zohocorp ManageEngine NetFlow Analyzer 12.3.9 Zohocorp ManageEngine NetFlow Analyzer 12.3.2 Zohocorp ManageEngine NetFlow Analyzer 12.3 |
| Not Vulnerable: |
Zohocorp ManageEngine NetFlow Analyzer 12.3.125 |
Exploit / POC
ZOHO ManageEngine NetFlow Analyzer CVE-2018-10803 HTML Injection Vulnerability
Attackers can use readily available tools to exploit this issue.
Attackers can use readily available tools to exploit this issue.
Solution / Fix
ZOHO ManageEngine NetFlow Analyzer CVE-2018-10803 HTML Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
ZOHO ManageEngine NetFlow Analyzer CVE-2018-10803 HTML Injection Vulnerability
References:
References:
- NetFlow Analyzer 12.3.107(Build 123107) (Zohocorp)
- NetFlow Analyzer Product Page (Zohocorp)