Novell Zenworks Configuration Management Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

11.2	8
10.0	4
10.1	4
10.2	4
11.0	4

Remediation

Official Fix	18
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	12

Exploitability

High	4
Functional	0
Proof-of-Concept	4
Unproven	2
Not Defined	20

Access Vector

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	30

Authentication

Not Defined	0
High	0
Low	2
None	28

User Interaction

Not Defined	0
Required	8
None	22

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	10
≤7	6
≤8	8
≤9	4
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	4
≤6	10
≤7	10
≤8	2
≤9	4
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	0
≤5	4
≤6	12
≤7	2
≤8	10
≤9	2
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	2
≤8	4
≤9	0
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	2
<5k	0
<10k	12
<25k	14
<50k	2
<100k	0
≥100k	0

Exploit Today

<1k	20
<2k	0
<5k	6
<10k	4
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (16): 10.0, 10.1, 10.2, 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 11.0, 11.1, 11.1a, 11.2, 11.2.3, 11.3, 11.3.1, 11.4

Link to Product Website: https://www.novell.com/

Software Type: Policy Management Software

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CTI	CVE
08/09/2017	8.5	8.5	Novell ZENworks Configuration Management Preboot Policy Service memory corruption	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2015-0786
08/09/2017	6.4	6.4	Novell ZENworks Configuration Management Folder information disclosure	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2015-0785
08/09/2017	6.4	6.4	Novell ZENworks Configuration Management Rtrlet.class ShowLogins information disclosure	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2015-0784
08/09/2017	5.4	5.4	Novell ZENworks Configuration Management FileViewer File information disclosure	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2015-0783
08/09/2017	8.5	8.5	Novell ZENworks Configuration Management ScheduleQuery sql injection	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2015-0782
08/09/2017	8.5	8.5	Novell ZENworks Configuration Management doPost path traversal	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2015-0781
08/09/2017	8.5	8.5	Novell ZENworks Configuration Management GetReRequestData sql injection	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2015-0780
02/18/2016	5.3	5.1	Novell ZENworks Configuration Management RPC ChangePassword XPath code injection	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2015-5970
06/07/2015	7.3	7.0	Novell ZENworks Configuration Management UploadServlet path traversal	$5k-$25k	$0-$5k	High	Official Fix	0.00	CVE-2015-0779
06/07/2015	7.3	6.6	Novell ZENworks Configuration Management Remote Management Component UploadServlet path traversal	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2010-5324