CVE-2013-6344

2013-11-0220:55:03

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

40.1%

JSON

The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.

Affected configurations

Nvd

Node

novellzenworks_configuration_managementRange≤11.2.3

novellzenworks_configuration_managementMatch10.2

novellzenworks_configuration_managementMatch10.3

novellzenworks_configuration_managementMatch10.3.1

novellzenworks_configuration_managementMatch10.3.2

novellzenworks_configuration_managementMatch10.3.3

novellzenworks_configuration_managementMatch11

novellzenworks_configuration_managementMatch11sp1

novellzenworks_configuration_managementMatch11.2

VendorProductVersionCPE
novellzenworks_configuration_management*cpe:2.3:a:novell:zenworks_configuration_management:*:*:*:*:*:*:*:*
novellzenworks_configuration_management10.2cpe:2.3:a:novell:zenworks_configuration_management:10.2:*:*:*:*:*:*:*
novellzenworks_configuration_management10.3cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*
novellzenworks_configuration_management10.3.1cpe:2.3:a:novell:zenworks_configuration_management:10.3.1:*:*:*:*:*:*:*
novellzenworks_configuration_management10.3.2cpe:2.3:a:novell:zenworks_configuration_management:10.3.2:*:*:*:*:*:*:*
novellzenworks_configuration_management10.3.3cpe:2.3:a:novell:zenworks_configuration_management:10.3.3:*:*:*:*:*:*:*
novellzenworks_configuration_management11cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*
novellzenworks_configuration_management11cpe:2.3:a:novell:zenworks_configuration_management:11:sp1:*:*:*:*:*:*
novellzenworks_configuration_management11.2cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	zenworks_configuration_management	*	cpe:2.3:a:novell:zenworks_configuration_management::::::::
novell	zenworks_configuration_management	10.2	cpe:2.3:a:novell:zenworks_configuration_management:10.2:::::::*
novell	zenworks_configuration_management	10.3	cpe:2.3:a:novell:zenworks_configuration_management:10.3:::::::*
novell	zenworks_configuration_management	10.3.1	cpe:2.3:a:novell:zenworks_configuration_management:10.3.1:::::::*
novell	zenworks_configuration_management	10.3.2	cpe:2.3:a:novell:zenworks_configuration_management:10.3.2:::::::*
novell	zenworks_configuration_management	10.3.3	cpe:2.3:a:novell:zenworks_configuration_management:10.3.3:::::::*
novell	zenworks_configuration_management	11	cpe:2.3:a:novell:zenworks_configuration_management:11:::::::*
novell	zenworks_configuration_management	11	cpe:2.3:a:novell:zenworks_configuration_management:11:sp1::::::
novell	zenworks_configuration_management	11.2	cpe:2.3:a:novell:zenworks_configuration_management:11.2:::::::*