CVE-2019-7427

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2

Description A security issue exists in the Administration zone of the software, specifically in the "/netflow/jspui/linkdownalertConfig.jsp" file. The autorefTime or graphTypes parameters are affected.

Recommendations For version 7.0.0.2, as a temporary workaround, consider restricting access to the "/netflow/jspui/linkdownalertConfig.jsp" file until a patch is available. Avoid using the autorefTime or graphTypes parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.