CVE-2013-3268

Novell iManager <2.7 - Info Disclosure

Title source: llm

Description

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.

References (4)

[Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=7010166

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=807429

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/59450

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/83761

Scores

EPSS 0.0017

EPSS Percentile 37.6%

Classification

CWE

CWE-287

Status draft

Affected Products (17)

novell/imanager < 2.7

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

... and 2 more

Timeline

Published Apr 24, 2013

Tracked Since Feb 18, 2026