CVE-2024-9100
published 2024-10-03CVE-2024-9100: Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal.
PriorityP336medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.48%
37.6th percentile
Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| manageengine | analytics_plus | < 5410 | 5410 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3qhf-rfv2-rc83: Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal
ghsa_unreviewed·2024-10-03
CVE-2024-9100 [MEDIUM] CWE-22 GHSA-3qhf-rfv2-rc83: Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal
Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal.
Citrix
Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069
vendor_citrix·2024-11-14·CVSS 5.1
CVE-2024-8068 [MEDIUM] CWE-269 Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069
Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069
of Problem A vulnerability has been discovered in Citrix Session Recording. Refer below for further details:
CVE References: CVE-2024-8068, CVE-2024-8069
Affected Products: Citrix Session Recording, Citrix Virtual Apps and Desktops, Session Recording, XenServer, session recording
Severity: Medium
CVSS Score: 5.1
Remediation:
Cloud Software Group strongly urges affected customers of Citrix Session Recording to install the relevant updated versions of Citrix Session Recording as soon as their upgrade schedule permits: Current Release (CR) Citrix Session Recording 2407 hotfix 24.5.200.8 and later Long Term Service Release (LTSR) Citrix Session Recording 1912 LTSR CU9 hotfix 19.12.9100.6 and later Citrix Session
Suricata
ET EXPLOIT HP Printer Attempted Path Traversal via PJL
suricata·2017-06-16
CVE-2017-2741 ET EXPLOIT HP Printer Attempted Path Traversal via PJL
ET EXPLOIT HP Printer Attempted Path Traversal via PJL
Rule: alert tcp any any -> $HOME_NET 9100 (msg:"ET EXPLOIT HP Printer Attempted Path Traversal via PJL"; flow:established,to_server; content:"@PJL FS"; depth:7; content:"NAME="; distance:0; pcre:"/^\s*[\x22\x27][^\x22\x27]{0,128}\x2e\x2e/Ri"; reference:url,www.tenable.com/blog/rooting-a-printer-from-security-bulletin-to-remote-code-execution; reference:cve,2017-2741; classtype:attempted-admin; sid:2024404; rev:5; metadata:created_at 2017_06_16, cve CVE_2017_2741, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_11_26, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1083, mitre_technique_name File_And_Directory_D
No public exploits indexed.
No writeups or analysis indexed.
2024-10-03
Published