Vulnerabilities > Novell > Zenworks Configuration Management > 11.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-18 | CVE-2015-5970 | Code Injection vulnerability in Novell Zenworks Configuration Management The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference. | 5.3 |