Novell Sentinel Log Manager prior to 1.2.0.3 allows remote malicious users to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell sentinel log manager 1.2 |
||
novell sentinel log manager 1.2.0.1 |
||
novell sentinel log manager 1.1.0.0 |
||
novell sentinel log manager 1.1.0.1 |
||
novell sentinel log manager 1.0.0.4 |
||
novell sentinel log manager 1.0.0.5 |
||
novell sentinel log manager |
||
novell sentinel log manager 1.1.0.2 |