CVE-2021-40178 : Security Advisory and Response

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings.

Understanding CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 is susceptible to stored XSS due to a vulnerability in the LOGO_PATH key value.

What is CVE-2021-40178?

CVE-2021-40178 is a Common Vulnerabilities and Exposures (CVE) entry that highlights the stored cross-site scripting (XSS) issue in Zoho ManageEngine Log360 before Build 5224.

The Impact of CVE-2021-40178

This vulnerability allows attackers to execute malicious scripts in the context of a user's session, potentially leading to unauthorized data access or manipulation.

Technical Details of CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 is affected by the following technical details:

Vulnerability Description

Stored XSS vulnerability through the LOGO_PATH key value in the logon settings.

Affected Systems and Versions

Product: Zoho ManageEngine Log360
Vendor: Zoho
Versions Affected: All versions before Build 5224

Exploitation Mechanism

Attackers can exploit this vulnerability by injecting malicious scripts into the LOGO_PATH key value, which are then executed when accessed by an authenticated user.

Mitigation and Prevention

It is crucial to take immediate steps to mitigate and prevent the impact of CVE-2021-40178:

Immediate Steps to Take

Update Zoho ManageEngine Log360 to Build 5224 or later.
Restrict access to the logon settings to authorized personnel only.
Implement input validation to sanitize user-supplied data.

Long-Term Security Practices

Conduct regular security assessments and penetration testing.
Educate users on the importance of identifying and avoiding malicious content.

Patching and Updates

Stay vigilant for security advisories from Zoho and apply patches promptly to address known vulnerabilities.