Hi,


I have a question in regards to Zenworks. Is it possible to upgrade the version of Zenworks without upgrading the OES version?

Why i ask is that our security partner has found a vulnerability on our Zenworks server port 443(see below).

"Was able to read the contents of a file on host using the following request:

/zenworks-unmaninv/?action=GetFile&Filename=../../catalog.ini&Type=4&Platform=11&Lang=0

All hosts noted above had the particular vulnerable on port 443".


Thank You
Mac