Unauthorized Access Vulnerability in Zoho NetFlow Analyzer
CVE-2015-2959

Currently unrated

Key Information:

Vendor: Zohocorp
Status: Manageengine Netflow Analyzer
Vendor: CVE Published:; 9 June 2015

What is CVE-2015-2959?

The vulnerability in Zoho NetFlow Analyzer allows remote attackers to exploit administrative authorization checks. By using the guest role, attackers can potentially access sensitive information, alter passwords, or delete user accounts. This poses a significant risk to data integrity and user security within the affected versions of the product.

References

http://www.securitytracker.com/id/1032516

vdb-entryx_refsource_SECTRACK

http://jvn.jp/en/jp/JVN25598413/index.html

third-party-advisoryx_refsource_JVN

http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075

third-party-advisoryx_refsource_JVNDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2015
Vulnerability Reserved
Apr 7, 2015

Zohocorp

What is CVE-2015-2959?

References

Timeline