2 matches found
CVE-2014-6257
Zenoss Core through 5 Beta 3 allows remote attackers to bypass intended access restrictions by using a web-endpoint URL to invoke an object helper method, aka ZEN-15407...
CVE-2014-6257
Zenoss Core (through 5 Beta 3) contains a systemic authorization bypass (CVE-2014-6257) that lets remote attackers use a web-endpoint URL to invoke an object helper method, bypassing access restrictions. Affects Zenoss Core 4.x/5 Beta 3; no exploit details are provided in the sources. Remediation...