Loading
Cross-site request forgery (CSRF) vulnerability in Zenoss Core through 5 Beta 3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger arbitrary code execution via a ZenPack upload, aka ZEN-15388.
Cite this page
CVE-2014-9385. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2014-9385
Use CWE-352, Zenoss vendor hub and Zenoss Core product page to widen CVE-2014-9385 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2014-6261, CVE-2014-6262 and CVE-2014-9249 for nearby disclosures in the same product family.