CVE-2013-6346

Novell ZENworks Configuration Management < 11.2.4 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7012027

Scores

EPSS 0.0029
EPSS Percentile 52.9%

Details

CWE
CWE-352
Status published
Products (8)
novell/zenworks_configuration_management 10.2
novell/zenworks_configuration_management 10.3
novell/zenworks_configuration_management 10.3.1
novell/zenworks_configuration_management 10.3.2
novell/zenworks_configuration_management 10.3.3
novell/zenworks_configuration_management 11 (2 CPE variants)
novell/zenworks_configuration_management 11.2
novell/zenworks_configuration_management < 11.2.3
Published Nov 02, 2013
Tracked Since Feb 18, 2026