The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote malicious users to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell zenworks configuration management 11.4.0 |
||
novell zenworks configuration management 11.3.2 |
||
novell zenworks configuration management 11.3.1 |
||
novell zenworks configuration management 11.3.0 |
||
novell zenworks configuration management 11.4.1 |