CVE-2014-6260

Name of the Vulnerable Software and Affected Versions Zenoss Core versions through 5 Beta 3

Description The issue allows remote attackers to execute arbitrary commands or cause a denial of service by modifying the pager command string without requiring a password, potentially leveraging an unattended workstation.

Recommendations For Zenoss Core versions through 5 Beta 3, consider implementing password protection for modifying the pager command string to prevent unauthorized access. As a temporary workaround, ensure workstations are attended at all times to minimize the risk of exploitation.