CVE-2021-45024
CRITICALASG-Zena Cross Platform Server Enterprise Edition 4.2.1 - XML External Entity Injection
Title source: llmDescription
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).
References (3)
Core 3
Core References
Broken Link, URL Repurposed x_refsource_misc
http://asg-zena.com
Product x_refsource_misc
http://asg.com
Release Notes, Vendor Advisory x_refsource_misc
https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html
Scores
CVSS v3
9.8
EPSS
0.0129
EPSS Percentile
66.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-611
Status
published
Products (1)
rocketsoftware/ags-zena
4.2.1
Published
Jun 17, 2022
Tracked Since
Feb 18, 2026