← Back

CVE-2013-6347

nvd nist
Published: Nov 2, 2013Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

Affected (9)

Novell
1 product
Zenworks Configuration Management
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Novell
Zenworks Configuration Management
Up to 11.2.3
Zenworks Configuration Management
Version 10.2
Zenworks Configuration Management
Version 10.3.1
Zenworks Configuration Management
Version 10.3.2
Zenworks Configuration Management
Version 10.3.3
Zenworks Configuration Management
Version 10.3
Zenworks Configuration Management
Version 11.2
Zenworks Configuration Management
Version 11
Zenworks Configuration Management
Version 11 sp1

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (2)

Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.