icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Novell iManager < 2.7 SP1 Property Book Pages Security Bypass

Medium

Synopsis

The remote web server is affected by a security bypass vulnerability.

Description

Novell iManager is installed on the remote host. The version of iManager installed reportedly fails to implement sufficient access control checks on 'Property Book Pages' created with Plug-in Studio before granting delete privileges on them to a user.

Solution

Upgrade to version 2.7 SP1 (iManager 2.7.1) or higher.