CVE-2021-33208: XEE

Q: What is CVE-2021-33208?

CVE-2021-33208 is a vulnerability in the "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA that allows XXE attacks via a malicious XML configuration file.

Q: What is the severity of CVE-2021-33208?

CVE-2021-33208 has a severity rating of 7.2, which is considered high.

Q: How does CVE-2021-33208 affect MashZone NextGen?

CVE-2021-33208 affects MashZone NextGen through version 10.7 GA.

Q: How can XXE attacks be performed in MashZone NextGen?

XXE attacks can be performed in MashZone NextGen through the "Register an Ehcache Configuration File" admin feature when a malicious XML configuration file is used.

Q: Is there a fix available for CVE-2021-33208?

Yes, you can refer to the provided references for information on available fixes and patches for CVE-2021-33208.

Published Mar 30, 2022

Updated

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file.

Affected Software

1 affected component

Softwareag Mashzone Nextgen<=10.7

Event History

Mar 30, 2022

CVE Published

via MITRE·09:52 PM

Data Sourced

via MITRE·09:52 PM

Description

Frequently Asked Questions

What is CVE-2021-33208?

CVE-2021-33208 is a vulnerability in the "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA that allows XXE attacks via a malicious XML configuration file.

What is the severity of CVE-2021-33208?

CVE-2021-33208 has a severity rating of 7.2, which is considered high.

How does CVE-2021-33208 affect MashZone NextGen?

CVE-2021-33208 affects MashZone NextGen through version 10.7 GA.

How can XXE attacks be performed in MashZone NextGen?

XXE attacks can be performed in MashZone NextGen through the "Register an Ehcache Configuration File" admin feature when a malicious XML configuration file is used.

Is there a fix available for CVE-2021-33208?