VYPR
Unrated severityNVD Advisory· Published Dec 29, 2011· Updated Jun 16, 2026

CVE-2011-5028

CVE-2011-5028

Description

Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:novell:sentinel_log_manager:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:novell:sentinel_log_manager:*:*:*:*:*:*:*:*range: <=1.2.0.1_938
    • (no CPE)range: <=1.2.0.1_938
  • Novell/Sentinelllm-create
    Range: <7.0.1.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.