CVE-2013-1080 in Novell ZENworks Control Centerinfo

Summary

The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.

Reservation

01/11/2013

Disclosure

03/29/2013

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
8089	Novell ZENworks Control Center Authentication index.jsp improper authentication	287	High	Official fix	CVE-2013-1080

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!