What is CVE-2010-5324?

CVE-2010-5324 is a vulnerability in Novell Zenworks_configuration_management, classified under Path Traversal. Published 2015-06-07.

Is CVE-2010-5324 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Novell Zenworks_configuration_management

CVE-2010-5324

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.741 (98.9th percentile) — read the EPSS interpretation.

Affected products

Novell Zenworks_configuration_management — versions 10.0, 10.1, 10.2
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
39114 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2010-5324?: CVE-2010-5324 is a vulnerability in Novell Zenworks_configuration_management, classified under Path Traversal. Published 2015-06-07.
Is CVE-2010-5324 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.