Vulnerabilities > Novell > Sentinel LOG Manager > 1.1.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-03-29 | CVE-2012-6534 | Permissions, Privileges, and Access Controls vulnerability in Novell Sentinel LOG Manager Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action. | 4.3 |
2011-12-29 | CVE-2011-5028 | Path Traversal vulnerability in Novell Sentinel LOG Manager Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. | 4.0 |