Remote Code Execution Vulnerability in Novell ZENworks Configuration Management
CVE-2013-1080

Currently unrated

Key Information:

Vendor

Novell
Status
Zenworks Configuration Management
Vendor
CVE Published:
29 March 2013

What is CVE-2013-1080?

The web server component of Novell ZENworks Configuration Management versions prior to 11.2.4 is vulnerable to a remote code execution exploit due to improper authentication mechanisms for certain JSP pages. An attacker can exploit this vulnerability through crafted requests sent to TCP port 443, potentially allowing them to conduct directory traversal attacks. This can lead to unauthorized file uploads and execution of arbitrary programs, exposing the system to significant risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/support/kb/doc.php?id=7011812
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7012027
x_refsource_CONFIRM
http://www.zerodayinitiative.com/advisories/ZDI-13-049/
x_refsource_MISC

EPSS Score

72% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.