RSS   Vulnerabilities for 'Mobiletogether server'   RSS

2021-08-10
 
CVE-2021-37425

CWE-611
 

 
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.

 
 
CVE-2021-38490

CWE-776
 

 
Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.

 

 >>> Vendor: Altova 4 Products
Mapforce
Databasespy 2011
Diffdog 2011
Mobiletogether server


Copyright 2024, cxsecurity.com

 

Back to Top