Lucene search
MitreCVE-2011-2654HistorySep 06, 2011 - 3:55 p.m.
CVE-2011-2654
2011-09-0615:55:02
CWE-20
mitre
web.nvd.nist.gov
24
cve-2011-2654
novell cloud manager
rpc
remote code execution
security vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.346
Percentile
97.2%
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session.
Affected configurations
Node
novellcloud_managerRange≤1.1.2patch2
ORnovellcloud_managerMatch1.1.2
ORnovellcloud_managerMatch1.1.2patch1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | cloud_manager | * | cpe:2.3:a:novell:cloud_manager:*:patch2:*:*:*:*:*:* |
| novell | cloud_manager | 1.1.2 | cpe:2.3:a:novell:cloud_manager:1.1.2:*:*:*:*:*:*:* |
| novell | cloud_manager | 1.1.2 | cpe:2.3:a:novell:cloud_manager:1.1.2:patch1:*:*:*:*:*:* |
Related
zdi
zdi
Novell Cloud Manager Insufficient Framework User Validation Vulnerability
2011-09-02 00:00:00
nvd
nvd
CVE-2011-2654
2011-09-06 15:55:02
securityvulns
securityvulns
Cloud Manager unaurhozied access
2011-09-09 00:00:00
prion
prion
Session fixation
2011-09-06 15:55:00
cvelist
cvelist
CVE-2011-2654
2011-09-06 15:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.346
Percentile
97.2%
Related for CVE-2011-2654