Novell ZENworks Mobile Management Local File Include Vulnerability Network Vulnerability

Summary

Novell ZENworks Mobile Management is prone to a local file include vulnerability because it fails to adequately validate user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer other attacks are also possible. Novell ZENworks Mobile Management 2.6.0, 2.6.1 and 2.7.0 are vulnerable.

Solution

Updates are available. Please see the references or vendor advisory for more information.

References

http://www.novell.com/support/kb/doc.php?id=7011895
http://www.securityfocus.com/bid/58402

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1081

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
AudiStat multiple vulnerabilities
AlefMentor Multiple SQL Injection Vulnerabilities
Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability

Take action and discover your vulnerabilities