Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1084
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.
Novell Zenworks Configuration Management 11.2.3
NA
CVE-2013-1094
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via an invalid locale.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError event.
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
NA
CVE-2013-1097
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onload event.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1093
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing att...
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
NA
CVE-2013-1079
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 up to and including 11.2 allows remote malicious users to execute arbitrary local DLL files via ...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1a
NA
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 prior to 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote malicious users to conduct directory traversal attacks, and consequently upload and execute arbi...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
1 EDB exploit
NA
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
NA
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary commands v...
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11
1 EDB exploit
NA
CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote malicious users to execute arbitrary code by leveraging unspecified mscomct2 flaws.
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »