Unrated severityNVD Advisory· Published Jun 9, 2015· Updated Jun 17, 2026
CVE-2015-2959
CVE-2015-2959
Description
Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*
- Range: <= build 10250
Patches
Vulnerability mechanics
References
5- support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250nvdPatchVendor Advisory
- jvn.jp/en/jp/JVN25598413/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2015-000075nvdVendor Advisory
- www.securityfocus.com/bid/75065nvd
- www.securitytracker.com/id/1032516nvd
News mentions
0No linked articles in our index yet.