Back to search
CVE-2013-1080
Published: Mar 29, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.novell.com/support/kb/doc.php?id=7011812
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7012027
x_refsource_CONFIRM
http://www.zerodayinitiative.com/advisories/ZDI-13-049/
x_refsource_MISC
24938
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now