2 matches found
CVE-2015-0784
This CVE affects Novell ZENworks Configuration Management (ZCM). The vulnerability is in Rtrlet.class, where a remote attacker can obtain Session IDs of logged-in users by sending a POST request with the maintenance variable set to ShowLogins. The issue is an information-disclosure flaw; exploita...
Novell ZENworks Configuration Management Session ID Information Disclosure (CVE-2015-0784)
An information disclosure vulnerability exists in Novell ZENworks Configuration Management. The vulnerability is due to exposure of insecure functionality within Rtrlet.class. A remote unauthenticated attacker can leverage this vulnerability to disclosure Session IDs of the logged in users which...