CVE-2024-10839

EPSS 0.77%
Published 08.11.2024 11:15:03
Last modified 13.11.2024 20:19:01
Source 0fc0942c-577d-436f-ae8e-945763
Teams watchlist Login
Open Login

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4000

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4001

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4002

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4003

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4004

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4005

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4006

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4007

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4008

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4009

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4010

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4011

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4012

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4013

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4014

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4015

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4016

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4017

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4018

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4019

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4020

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4021

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4022

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4023

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4024

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4025

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4026

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4027

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4028

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4029

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4030

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4031

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4032

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.0 Update4033

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4100

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4101

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4102

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4103

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4104

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4105

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4106

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4107

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4108

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4109

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.1 Update4110

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.2 Update4200

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.2 Update4201

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4300

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4301

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4302

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4303

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4304

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4305

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4306

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4307

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4308

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4309

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4310

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4311

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4312

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4313

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4314

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4315

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4316

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4317

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4318

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4319

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4320

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4321

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4322

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4323

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4324

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4325

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4326

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4327

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4328

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4329

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4330

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4331

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4332

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.3 Update4333

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.4 Update4400

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.4 Update4401

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.4 Update4402

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.4 Update4403

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.4 Update4404

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.5 Update4500

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.5 Update4501

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.5 Update4502

Zohocorp ≫ Manageengine Sharepoint Manager Plus Version4.5 Update4503

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.77%	0.727

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0fc0942c-577d-436f-ae8e-945763c79b02	8.5	3.1	4.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

CWE-611 Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

https://www.manageengine.com/sharepoint-management-reporting/advisory/CVE-2024-10839.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-10839

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-10839

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-10839

EUVD