CVE-2020-8540

An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
Configurations

Configuration 1

cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:*

Information

Published : 2020-03-11 05:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-8540

Mitre link : CVE-2020-8540

CWE
CWE-611

Improper Restriction of XML External Entity Reference

CWE-918

Server-Side Request Forgery (SSRF)