CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
novellzenworks_configuration_management
10.3
novellzenworks_configuration_management
10.3.1
novellzenworks_configuration_management
10.3.2
novellzenworks_configuration_management
10.3.3
novellzenworks_configuration_management
11.1
novellzenworks_configuration_management
11.1a:a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.novell.com/support/viewContent.do?externalId=7008244
http://www.novell.com/support/viewContent.do?externalId=7010044
http://www.novell.com/support/viewContent.do?externalId=7010137
https://exchange.xforce.ibmcloud.com/vulnerabilities/74818
http://www.novell.com/support/viewContent.do?externalId=7008244
http://www.novell.com/support/viewContent.do?externalId=7010044
http://www.novell.com/support/viewContent.do?externalId=7010137
https://exchange.xforce.ibmcloud.com/vulnerabilities/74818