Novell ZENworks Mobile Management Local File Include Vulnerability Network Vulnerability

Summary

Novell ZENworks Mobile Management is prone to a local file include vulnerability because it fails to adequately validate user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer other attacks are also possible. Novell ZENworks Mobile Management 2.6.0, 2.6.1 and 2.7.0 are vulnerable.

Solution

Updates are available. Please see the references or vendor advisory for more information.

References

http://www.novell.com/support/kb/doc.php?id=7011895
http://www.securityfocus.com/bid/58402

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1081

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability

Take action and discover your vulnerabilities