CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.

Published: Apr 11, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-2223
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
novell / zenworks_configuration_management	11.1a	11.1a.x
novell / zenworks_configuration_management	11.1	11.1.x
novell / zenworks_configuration_management	10.3.2	10.3.2.x
novell / zenworks_configuration_management	10.3.1	10.3.1.x
novell / zenworks_configuration_management	11	11.x
novell / zenworks_configuration_management	10.3	10.3.x
novell / zenworks_configuration_management	10.3.3	10.3.3.x

http://www.novell.com/support/viewContent.do?externalId=7008244
http://www.novell.com/support/viewContent.do?externalId=7010044
http://www.novell.com/support/viewContent.do?externalId=7010137
https://exchange.xforce.ibmcloud.com/vulnerabilities/74818

Vulnerability Database

CVE-2012-2223