What is CVE-2015-0780?

CVE-2015-0780 is a critical-severity vulnerability in Novell Zenworks_configuration_management, classified under SQL Injection. CVSS score: 9.8/10. Published 2017-08-09.

How severe is CVE-2015-0780?

Critical severity. CVSS v3 base score is 9.8 out of 10.

SQL Injection in Novell Zenworks_configuration_management

CVE-2015-0780

SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Vulnerability class: SQL Injection

EPSS: 0.036 (87.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Novell Zenworks_configuration_management
N/a — versions n/a

Weakness classification (CWE)

CWE-89 — SQL Injection

References

security@opentext.com (vdb-entry, x_refsource_SECTRACK)
security@opentext.com (vdb-entry, x_refsource_BID)
security@opentext.com (x_refsource_CONFIRM)
security@opentext.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2015-0780?: CVE-2015-0780 is a critical-severity vulnerability in Novell Zenworks_configuration_management, classified under SQL Injection. CVSS score: 9.8/10. Published 2017-08-09.
How severe is CVE-2015-0780?: Critical severity. CVSS v3 base score is 9.8 out of 10.