CVE-2013-1084

Currently unrated 🤨

Key Information

Vendor
Novell
Status
Zenworks Configuration Management
Vendor
CVE Published:
2 November 2013

Summary

Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved.

  • Vulnerability published.

Collectors

NVD DatabaseMitre Database
.