Arbitrary Folder Read Vulnerability in Novell ZENworks Configuration Management (ZCM)

Arbitrary Folder Read Vulnerability in Novell ZENworks Configuration Management (ZCM)

CVE-2015-0785 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable.

Learn more about our Web Application Penetration Testing UK.