The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.novell.com/support/viewContent.do?externalId=7008244 - | |
References | () http://www.novell.com/support/viewContent.do?externalId=7010044 - | |
References | () http://www.novell.com/support/viewContent.do?externalId=7010137 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/74818 - |
Information
Published : 2012-04-11 10:39
Updated : 2024-11-21 01:38
NVD link : CVE-2012-2223
Mitre link : CVE-2012-2223
CVE.ORG link : CVE-2012-2223
JSON object : View
Products Affected
novell
- zenworks_configuration_management
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor