Sensitive Information Exposure in Novell ZENworks Configuration Management Software
CVE-2012-6345

7.5HIGH

Key Information:

Vendor: Novell
Status: Zenworks Configuration Management
Vendor: CVE Published:; 25 January 2020

What is CVE-2012-6345?

A flaw in Novell ZENworks Configuration Management prior to version 11.2.4 allows unauthorized access to sensitive trace information, which could be exploited by malicious actors to gather critical system data, potentially leading to further security breaches. It is crucial for users of affected versions to update their software to mitigate the risk of information exposure.

References

https://support.microfocus.com/kb/doc.php?id=7012763

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 25, 2020
Vulnerability Reserved
Dec 13, 2012