Shodan
Vulnerabilities
Vulnerable Software
Novell:  >> Zenworks Configuration Management  >> 11.2.1  Security Vulnerabilities
CVE-2015-0779
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.
CVSS Score
10.0
EPSS Score
0.812
Published
2015-06-07
CVE-2013-1097
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.
CVSS Score
4.3
EPSS Score
0.013
Published
2013-06-17
CVE-2013-1093
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.
CVSS Score
5.8
EPSS Score
0.02
Published
2013-06-17
CVE-2013-1094
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.
CVSS Score
4.3
EPSS Score
0.024
Published
2013-06-17
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
CVSS Score
4.3
EPSS Score
0.013
Published
2013-06-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved