Novell Sentinel Log Manager vulnerabilities
2 known vulnerabilities affecting novell/sentinel_log_manager.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2012-6534P4MEDIUMCVSS 4.3PoC≤ 1.2.0.2v1.0.0.4+6 more2013-03-29
CVE-2012-6534 [MEDIUM] CWE-264 CVE-2012-6534: Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies
Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action.
nvd
CVE-2011-5028P4MEDIUMCVSS 4.0PoC≤ 1.2.0.1_9382011-12-29
CVE-2011-5028 [MEDIUM] CWE-22 CVE-2011-5028: Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
nvd