CVE-2015-0783

Published: Aug 9, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable.

Affected (1)

Products: Novell: Zenworks Configuration Management

Novell

1 product

Zenworks Configuration Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Novell Zenworks Configuration Management	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securitytracker.com/id/1032166

Source: security@opentext.com

http://www.zerodayinitiative.com/advisories/ZDI-15-150

Source: security@opentext.com

https://www.novell.com/support/kb/doc.php?id=7016431

Source: security@opentext.com

http://www.securitytracker.com/id/1032166

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-15-150

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.novell.com/support/kb/doc.php?id=7016431

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.