Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4933


Vulnerability Score 7.8 7.8
CVE Id CVE-2012-4933
Last Modified 13 Feb 2013 11:57:19
Published 20 Oct 2012 02:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function.

Vulnerable Systems


  • Novell Zenworks Asset Management 7.5


CERT-VN - VU#332412


XF - novell-zam-info-disclosure(79252)

SECTRACK - 1027682

Last Updated: 27 May 2016 10:53:38