GCVE - cpe:2.3:a:zohocorp:manageengine_netflow

Approved changes feed: RSS · Atom

cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.6:*:*:*:*:*:*:*

part: a version: 9.6 update: *

Vendor	Zohocorp (`4f1ab088-ab0e-54ac-b0dc-2304879a7502`)
Product	Manageengine Netflow Analyzer (`416246d7-4293-566a-9c10-cb82f3af80b6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-5446`	vulnerable	2026-06-03 14:34:06.477542	Details available Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter. Published: 2014-12-04T17:00:00.000Z Updated: 2024-08-06T11:41:49.185Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/99046 https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html http://www.securityfocus.com/archive/1/534141/100/0/threaded http://www.securityfocus.com/bid/71404	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.