CVE-2015-0781

Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:novell:zenworks_configuration_management:-:*:*:*:*:*:*:*

History

07 Nov 2023, 02:23

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/74291 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/74291 -
References (CONFIRM) https://www.novell.com/support/kb/doc.php?id=7016431 - Vendor Advisory () https://www.novell.com/support/kb/doc.php?id=7016431 -
References (MISC) http://www.zerodayinitiative.com/advisories/ZDI-15-151 - Third Party Advisory, VDB Entry () http://www.zerodayinitiative.com/advisories/ZDI-15-151 -

Information

Published : 2017-08-09 18:29

Updated : 2024-02-28 16:04


NVD link : CVE-2015-0781

Mitre link : CVE-2015-0781

CVE.ORG link : CVE-2015-0781


JSON object : View

Products Affected

novell

  • zenworks_configuration_management
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')