4 matches found
CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management ZCM allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable...
CVE-2015-0784
This CVE affects Novell ZENworks Configuration Management (ZCM). The vulnerability is in Rtrlet.class, where a remote attacker can obtain Session IDs of logged-in users by sending a POST request with the maintenance variable set to ShowLogins. The issue is an information-disclosure flaw; exploita...
CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management ZCM allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable...
Novell Zenworks Rtrlet.class Session ID Disclosure Vulnerability
This vulnerability allows attackers to disclose Session ID's of logged in users on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within Rtrlet.class. By sending a POST request with the maintenance variable set...