CVE-2021-33523: High severity software ag mashzone nextgen vulnerability
MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Affected Software
Event History
Frequently Asked Questions
What is CVE-2021-33523?
CVE-2021-33523 is a vulnerability in MashZone NextGen through version 10.7 GA that allows a remote authenticated user with access to the admin console to upload a new JDBC driver that can execute arbitrary commands on the underlying host.
How does CVE-2021-33523 occur?
CVE-2021-33523 occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController of MashZone NextGen through version 10.7 GA.
What is the severity of CVE-2021-33523?
CVE-2021-33523 has a severity rating of high with a score of 7.2.
How can I check if I am affected by CVE-2021-33523?
You are affected by CVE-2021-33523 if you are using MashZone NextGen version 10.7 GA or earlier.
How do I fix CVE-2021-33523?
To fix CVE-2021-33523, you should update MashZone NextGen to a version that is not affected or apply any patches or security updates provided by the software vendor.