Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1930

CWE-1894 documents4 sources
Severity
5.0MEDIUM
EPSS
23.0%
top 4.09%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Imanager
Timeline
PublishedJun 28
Latest updateMay 14

Description

Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDnovell/imanager2.7.0, 2.7.3+1

🔴Vulnerability Details

2
GHSA
GHSA-qjjg-j867-2gqq: Off-by-one error in Novell iManager 22022-05-14
CVEList
CVE-2010-1930: Off-by-one error in Novell iManager 22010-06-28

💥Exploits & PoCs

1
Exploit-DB
Novell iManager - Multiple Vulnerabilities2010-06-24
CVE-2010-1930 (MEDIUM CVSS 5) | Off-by-one error in Novell iManager | cvebase.io