CVE-2022-38757 – CVE-2022-38757 ZENworks
https://notcve.org/view.php?id=CVE-2022-38757
A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator. Se ha identificado una vulnerabilidad en Micro Focus ZENworks 2020 Update 3a y versiones anteriores. Esta vulnerabilidad permite a los administradores con derechos para realizar acciones (por ejemplo, instalar un paquete) en un conjunto de dispositivos administrados, poder ejercer estos derechos en dispositivos administrados en la zona de ZENworks pero que están fuera del alcance del administrador. • https://kmviewer.saas.microfocus.com/#/PH_206719 https://kmviewer.saas.microfocus.com/#/PH_206720 https://portal.microfocus.com/s/article/KM000012895?language=en_US • CWE-269: Improper Privilege Management •
CVE-2013-1092
https://notcve.org/view.php?id=CVE-2013-1092
Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe. Múltiples vulnerabilidades de búsqueda de ruta Windows sin entrecomillar en Novell ZENworks Desktop Management (ZDM)7 a la versión 7.1, podría permitir a usuarios locales elevar sus privilegios a través de un troyano en la carpeta C:. Relacionado con el intento de ejecutar (1) ZenRem32.exe o (2) wm.exe. • http://download.novell.com/Download?buildid=hT-LlTRPOfw~ http://www.novell.com/support/kb/doc.php?id=7012147 •
CVE-2011-2656
https://notcve.org/view.php?id=CVE-2011-2656
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655. Vulnerabilidad no especificada en ZfHSrvr.exe en Novell ZENworks Handheld Management (ZHM) v7 que permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2655. • http://download.novell.com/Download?buildid=Fz0LYfG9qCU~ http://www.novell.com/support/viewContent.do?externalId=7009489 http://www.securityfocus.com/bid/50303 https://exchange.xforce.ibmcloud.com/vulnerabilities/70831 •
CVE-2011-2655
https://notcve.org/view.php?id=CVE-2011-2655
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2656. Vulnerabilidad no especificada en ZfHSrvr.exe en Novell ZENworks Handheld Management (ZHM) v7 que permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2656. • http://download.novell.com/Download?buildid=Fz0LYfG9qCU~ http://www.novell.com/support/viewContent.do?externalId=7009489 http://www.securityfocus.com/bid/50303 https://exchange.xforce.ibmcloud.com/vulnerabilities/70831 •
CVE-2011-0742
https://notcve.org/view.php?id=CVE-2011-0742
Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. Desbordamiento de búfer en ZfHIPCND.exe para Novell ZENworks Handheld Management v7.0 permite a atacantes remotos ejecutar código de su elección a través de un IP Conduit manipulado al puerto TCP 2400. • http://osvdb.org/70694 http://secunia.com/advisories/43094 http://telussecuritylabs.com/threats/show/FSC20110125-06 http://www.novell.com/support/viewContent.do?externalId=7007663 http://www.securityfocus.com/archive/1/516045/100/0/threaded http://www.securityfocus.com/bid/46024 http://www.securitytracker.com/id?1024993 http://www.vupen.com/english/advisories/2011/0221 http://www.zerodayinitiative.com/advisories/ZDI-11-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/64930 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •