Short Name |
HTTP:SQL:NOVELL-ZENWORKS |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Novell ZENworks Configuration Management GetStoredResult.class SQL Injection |
Release Date |
2015/05/06 |
Update Number |
2492 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against ZENworks Configuration Management.A successful attack can lead to access of sensitive information.
SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.