CVE-2013-1093

Novell ZENworks Configuration Management <11.2.3a - Open Redirect

Title source: llm
STIX 2.1

Description

Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7012027
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7012025
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7012499

Scores

EPSS 0.0078
EPSS Percentile 73.9%

Details

CWE
CWE-20
Status published
Products (4)
novell/zenworks_configuration_management 11.2
novell/zenworks_configuration_management 11.2.1
novell/zenworks_configuration_management 11.2.2
novell/zenworks_configuration_management 11.2.3
Published Jun 17, 2013
Tracked Since Feb 18, 2026