Cross-Site Scripting in Novell ZENworks Configuration Management
CVE-2012-6344

6.1MEDIUM

Key Information:

Vendor: Novell
Status: Zenworks Configuration Management
Vendor: CVE Published:; 25 January 2020

Summary

The XSS vulnerability in Novell ZENworks Configuration Management allows attackers to inject malicious scripts into web pages viewed by users. This flaw can result in unauthorized actions on behalf of users, compromising sensitive information and leading to further security breaches. It is essential for organizations to update their systems to versions 11.2.4 or later to mitigate this risk.

References

https://support.microfocus.com/kb/doc.php?id=7012761

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 25, 2020
Vulnerability Reserved
Dec 13, 2012