Unrated severityNVD Advisory· Published Apr 18, 2011· Updated Apr 29, 2026

CVE-2010-4229

Description

Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request.

Affected products

Novell/Zenworks Configuration Management3 versions
cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:10.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/44120nvdVendor Advisory
www.novell.com/support/viewContent.donvdVendor Advisory
www.vupen.com/english/advisories/2011/0917nvdVendor Advisory
securityreason.com/securityalert/8207nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/517425/100/0/threadednvd
www.securityfocus.com/bid/47295nvd
zerodayinitiative.com/advisories/ZDI-11-118/nvd
exchange.xforce.ibmcloud.com/vulnerabilities/66656nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.027
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000