Novell IManager Multiple Vulnerabilities Network Vulnerability

Summary

The host is running Novell iManager and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation may allow remote attackers to perform unauthorized actions and gain access to the affected application. Other attacks are also possible. Impact Level: Application

Solution

Apply the patch. For updates refer to https://www.novell.com/support/kb/doc.php?id=7010166 ***** NOTE: Ignore this warning if above mentioned patch is installed. *****

Insight

Multiple flaws due to, - Does not refresh a token after a logout action. - Does not require multiple steps or explicit confirmation for sensitive transactions.

Affected

Novell iManager version prior to 2.7 SP 6 patch 1

References

http://www.novell.com/support/kb/doc.php?id=7010166
http://www.osvdb.org/92269
http://www.osvdb.org/92270

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1088, CVE-2013-3268

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)

Novell iManager Multiple Vulnerabilities

Take action and discover your vulnerabilities