Cross-Site Request Forgery Vulnerability in Novell ZENworks Configuration Management
CVE-2013-6346

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Configuration Management
Vendor: CVE Published:; 2 November 2013

Summary

A cross-site request forgery vulnerability exists in the ZCC page of Novell ZENworks Configuration Management prior to version 11.2.4. This flaw enables remote attackers to exploit weaknesses in the application, potentially allowing them to hijack the authentication of users without their consent. Attackers may utilize unknown vectors to carry out these malicious activities, posing a significant security threat to organizations relying on this software for configuration management.

References

http://www.novell.com/support/kb/doc.php?id=7012027

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 2, 2013