Vulnerability Description
The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Zenworks Configuration Management | 10.3 |
Related Weaknesses (CWE)
References
- http://www.novell.com/support/viewContent.do?externalId=7008244
- http://www.novell.com/support/viewContent.do?externalId=7010044
- http://www.novell.com/support/viewContent.do?externalId=7010137Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74818
- http://www.novell.com/support/viewContent.do?externalId=7008244
- http://www.novell.com/support/viewContent.do?externalId=7010044
- http://www.novell.com/support/viewContent.do?externalId=7010137Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74818
FAQ
What is CVE-2012-2223?
CVE-2012-2223 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cr...
How severe is CVE-2012-2223?
CVE-2012-2223 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2223?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Zenworks Configuration Management.