Unauthenticated Remote Access Vulnerability in Zoho NetFlow Analyzer

Unauthenticated Remote Access Vulnerability in Zoho NetFlow Analyzer

CVE-2015-2959 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.

Learn more about our Web Application Penetration Testing UK.