What is CVE-2011-2657?

CVE-2011-2657 is a vulnerability in Novell Zenworks_configuration_management, classified under Path Traversal. Published 2012-07-26.

Is CVE-2011-2657 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Novell Zenworks_configuration_management

CVE-2011-2657

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attack…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.699 (98.7th percentile) — read the EPSS interpretation.

Affected products

Novell Zenworks_configuration_management — versions 10.2, 10.3, 11
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
19718 (Exploit, exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2011-2657?: CVE-2011-2657 is a vulnerability in Novell Zenworks_configuration_management, classified under Path Traversal. Published 2012-07-26.
Is CVE-2011-2657 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.