What is the severity of CVE-2013-1080?

CVE-2013-1080 is considered a high severity vulnerability due to its potential for directory traversal and arbitrary code execution.

How do I fix CVE-2013-1080?

To mitigate CVE-2013-1080, upgrade to ZENworks Configuration Management version 11.2.4 or later, which addresses the authentication issue.

What types of attacks can CVE-2013-1080 allow?

CVE-2013-1080 allows attackers to perform directory traversal attacks, enabling them to upload and execute arbitrary programs.

Which software versions are affected by CVE-2013-1080?

CVE-2013-1080 affects Novell ZENworks Configuration Management versions 10.3 and 11.2 prior to 11.2.4.

Is remote exploitation possible with CVE-2013-1080?

Yes, CVE-2013-1080 can be exploited remotely, allowing attackers to bypass authentication and perform unauthorized actions.

Vulnerability/
CVE-2013-1080

critical

CWE

287

29/3/2013

13/12/2013

CVE-2013-1080

First published: Fri Mar 29 2013(Updated: )

The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Micro Focus ZENworks Configuration Management	=10.3
Micro Focus ZENworks Configuration Management	=11.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-1080?
CVE-2013-1080 is considered a high severity vulnerability due to its potential for directory traversal and arbitrary code execution.
How do I fix CVE-2013-1080?
To mitigate CVE-2013-1080, upgrade to ZENworks Configuration Management version 11.2.4 or later, which addresses the authentication issue.
What types of attacks can CVE-2013-1080 allow?
CVE-2013-1080 allows attackers to perform directory traversal attacks, enabling them to upload and execute arbitrary programs.
Which software versions are affected by CVE-2013-1080?
CVE-2013-1080 affects Novell ZENworks Configuration Management versions 10.3 and 11.2 prior to 11.2.4.
Is remote exploitation possible with CVE-2013-1080?
Yes, CVE-2013-1080 can be exploited remotely, allowing attackers to bypass authentication and perform unauthorized actions.

agent/type
agent/references
agent/last-modified-date
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/description
agent/severity
agent/author
agent/softwarecombine
agent/tags
agent/event
vendor/novell
canonical/novell zenworks configuration management
version/novell zenworks configuration management/10.3
version/novell zenworks configuration management/11.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.