CVE-2013-6347

Novell Zenworks Configuration Management - Authentication Bypass

Title source: rule

Description

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

References (1)

[Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=7012027

Scores

EPSS 0.0240

EPSS Percentile 84.8%

Classification

CWE

CWE-287

Status draft

Affected Products (9)

novell/zenworks_configuration_management < 11.2.3

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

novell/zenworks_configuration_management

Timeline

Published Nov 02, 2013

Tracked Since Feb 18, 2026