Remote Session ID Exposure in Novell ZENworks Configuration Management (ZCM)

Remote Session ID Exposure in Novell ZENworks Configuration Management (ZCM)

CVE-2015-0784 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable.

Learn more about our User Device Pen Test.