CVE-2021-33523
N/A
N/A
Summary
MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.softwareag.com/corporate/products/az/mashzone_nextgen/default
- https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33523
References
- https://www.softwareag.com/corporate/products/az/mashzone_nextgen/default
- https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33523
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.