Zenworks Configuration Management@11.2.2 Security Vulnerabilities and Issues — Zenworks Configuration Management@11.2.2 CVE List

Lucene search

NovellZenworks Configuration Management11.2.2

5 matches found

CVE•added 2015/06/07 11:59 p.m.•46 views

CVE-2015-0779

Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR cont...

10CVSS7.4AI score0.812EPSS

CVE•added 2013/06/17 11:38 a.m.•38 views

CVE-2013-1097

Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.

4.3CVSS5.8AI score0.01297EPSS

CVE•added 2013/06/17 11:38 a.m.•37 views

CVE-2013-1093

Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage p...

5.8CVSS6.8AI score0.02021EPSS

CVE•added 2013/06/17 11:38 a.m.•36 views

CVE-2013-1094

Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.

4.3CVSS5.8AI score0.02363EPSS

CVE•added 2013/06/17 11:38 a.m.•35 views

CVE-2013-1095

4.3CVSS5.8AI score0.01297EPSS