Loading
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412.
Cite this page
CVE-2014-6260. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2014-6260
Use CWE-77, Zenoss vendor hub and Zenoss Core product page to widen CVE-2014-6260 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2014-6261, CVE-2014-6262 and CVE-2014-9249 for nearby disclosures in the same product family.