Zenoss : Security Vulnerabilities, CVEs, CVSS score >= 8
Zenoss Core through 5 Beta 3 does not properly implement the Check For Updates feature, which allows remote attackers to execute arbitrary code by (1) spoofing the callhome server or (2) deploying a crafted web site that is visited during a login session, aka ZEN-12657.
Max CVSS
9.3
EPSS Score
87.22%
Published
2014-12-15
Updated
2016-03-21
1 vulnerabilities found