List of security vulnerabilities fixed in Zoho Analytics On-Premise
This page contains a list of all security vulnerabilities fixed in Zoho Analytics On-Premise along with their CVE ID and the fixed build number.
| CVE ID/ZVE ID | Synopsis | Severity | Affected Builds | Fixed in |
|---|---|---|---|---|
| CVE-2024-9100 | A Local File Inclusion (LFI) vulnerability has been discovered in Zoho Analytics On-Premise. This vulnerability enables an authenticated user to read arbitrary files from the server's file system through HSQLDB queries, potentially exposing sensitive information. | Medium | Zoho Analytics On-Premise builds below 5410 | Build 5410 |
| CVE-2024-52323 | A Sensitive Data Exposure vulnerability has been identified in Zoho Analytics On-Premise, allowing an authenticated user to retrieve sensitive tokens associated to the org-admin account. This could potentially lead to unintended privilege escalation. | High | Zoho Analytics On-Premise builds below 6100 | Build 6100 |
| CVE-2025-1724 | A vulnerability has been discovered in Zoho Analytics On-Premise, which allows unauthorized access to authenticated AD user accounts. This could potentially lead to the unauthorized exposure of user information. | High | Zoho Analytics On-Premise Windows builds below 6130 | Build 6130 |