Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zenworks_configuration_management
(Novell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 35 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-08-09 | CVE-2015-0786 | Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors. | Zenworks_configuration_management | 9.8 | ||
| 2020-01-25 | CVE-2012-6345 | Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information. | Zenworks_configuration_management | N/A | ||
| 2020-01-25 | CVE-2012-6344 | Novell ZENworks Configuration Management before 11.2.4 allows XSS. | Zenworks_configuration_management | N/A | ||
| 2013-11-02 | CVE-2013-6347 | Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors. | Zenworks_configuration_management | N/A | ||
| 2013-11-02 | CVE-2013-6346 | Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | Zenworks_configuration_management | N/A | ||
| 2013-11-02 | CVE-2013-6345 | Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception." | Zenworks_configuration_management | N/A | ||
| 2013-11-02 | CVE-2013-6344 | The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors. | Zenworks_configuration_management | N/A | ||
| 2014-03-06 | CVE-2013-3706 | Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595. | Zenworks_configuration_management | N/A | ||
| 2013-06-17 | CVE-2013-1097 | Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event. | Zenworks_configuration_management | N/A | ||
| 2013-06-17 | CVE-2013-1095 | Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event. | Zenworks_configuration_management | N/A |