Novell : Security Vulnerabilities, CVEs, Published In March 2013
CVE-2013-1081
Public exploit
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.
Max CVSS
7.5
EPSS Score
94.36%
Published
2013-03-11
Updated
2013-03-18
CVE-2013-1080
Public exploit
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
Max CVSS
10.0
EPSS Score
89.50%
Published
2013-03-29
Updated
2013-12-13
2 vulnerabilities found