35 matches found
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities
The remote Dell KACE K2000 appliance is affected by multiple vulnerabilities : - The appliance stores the recovery account password in plaintext within a PHP script. CVE-2011-4046 - The appliance can allow arbitrary command execution by leveraging database write access. CVE-2011-4047 - An...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Default credentials
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
Code injection
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4047
CVE-2011-4047 affects the Dell KACE K2000 System Deployment Appliance. The issue allows remote attackers to execute arbitrary commands by exploiting write access to the appliance’s database, enabling command execution on the target system. The vulnerability is tied to remote database access and i...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4048
Dell KACE K2000 System Deployment Appliance is affected by CVE-2011-4048 due to a default username/password for the read-only reporting account, enabling remote attackers to access the database and obtain sensitive information. The issue is described in multiple sources referencing default creden...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext inside a PHP script, enabling context-dependent attackers to read sensitive data from script source. Several connected sources corroborate that this flaw can lead to privilege abuse and unauthorized ...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4436
Dell KACE K2000 System Deployment Appliance – the admin web interface is affected by multiple cross-site scripting (XSS) vulnerabilities, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors. The connected documents confirm the same CVE in NVD/Red Hat/Nessus entries, ...
Dell KACE K2000 Detection
The web interface for the Dell KACE K2000 is running at this Host. OpenVAS Vulnerability Test $Id: gbdellkace2000webdetect.nasl 6701 2017-07-12 13:04:06Z cfischer $ Dell KACE K2000 Detection Authors: Michael Meyer Copyright: Copyright c 2011 Greenbone Networks GmbH This program is free software;...