Data Retention Policy Vulnerability in Novell Sentinel Log Manager
CVE-2012-6534

Currently unrated

Key Information:

Vendor

Novell
Status
Sentinel Log Manager
Vendor
CVE Published:
29 March 2013

What is CVE-2012-6534?

The vulnerability in Novell Sentinel Log Manager allows remote attackers to exploit improper access control. By sending a specially crafted request to the datastore service, attackers can create malicious data retention policies. Additionally, authenticated Report Administrators can be manipulated to create unintentional policies through the 'Save As Retention Policy' feature during search results actions. This vulnerability poses risks to data integrity and security as it enables unauthorized modifications to data retention strategies.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2012/Oct/25
mailing-listx_refsource_FULLDISC
http://support.novell.com/docs/Readmes/InfoDocument/patch...
x_refsource_CONFIRM
https://bugzilla.novell.com/show_bug.cgi?id=771634
x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.