Directory Traversal Vulnerability in Novell ZENworks Configuration Management
CVE-2013-3706

Currently unrated

Key Information:

Vendor

Novell
Status
Zenworks Configuration Management
Vendor
CVE Published:
6 March 2014

What is CVE-2013-3706?

A directory traversal vulnerability exists in the PreBoot service of Novell ZENworks Configuration Management (ZCM) version 11.2, which allows remote attackers to read arbitrary files by sending specially crafted preboot update pathnames that include '../' sequences. This flaw could result in unauthorized access to sensitive information, possibly exposing system configurations or user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/support/kb/doc.php?id=7014663
x_refsource_CONFIRM
http://www.securityfocus.com/bid/65912
vdb-entryx_refsource_BID

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.