CVE-2015-5970

2016-02-18T22:59:00
ID CVE-2015-5970
Type cve
Reporter cve@mitre.org
Modified 2016-03-10T20:01:00

Description

The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference.