Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Kace_systems_management_appliance
(Quest)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-01 | CVE-2022-38220 | An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML. | Kace_systems_management_appliance | 6.1 | ||
| 2022-08-02 | CVE-2022-29807 | A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php. | Kace_systems_management_appliance | 9.8 | ||
| 2022-08-02 | CVE-2022-29808 | In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled. | Kace_systems_management_appliance | 7.5 | ||
| 2022-08-02 | CVE-2022-30285 | In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials. | Kace_systems_management_appliance | 9.8 | ||
| 2019-11-06 | CVE-2019-13081 | Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via the title field in the /common/ticket_associated_tickets.php service desk ticket functionality) that allows an authenticated user to execute arbitrary JavaScript in a service desk user's browser. | Kace_systems_management_appliance | N/A |