Information Disclosure Vulnerability in Novell ZENworks Asset Management
CVE-2012-4933

Currently unrated

Key Information:

Vendor

Novell
Status
Zenworks Asset Management
Vendor
CVE Published:
20 October 2012

What is CVE-2012-4933?

The rtrlet web application within Novell ZENworks Asset Management 7.5 features hard-coded credentials that can be exploited by attackers to gain unauthorized access. Specifically, a hard-coded username 'Ivanhoe' and a password 'Scott' are used for the operations GetFile_Password and GetConfigInfo_Password. This flaw allows a remote attacker to manipulate requests directed at the HandleMaintenanceCalls function, potentially exposing sensitive information. Organizations using this product should take immediate action to secure their systems and review access controls.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1027682
vdb-entryx_refsource_SECTRACK
https://community.rapid7.com/community/metasploit/blog/20...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/79252
vdb-entryx_refsource_XF

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.