35 matches found
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities
The remote Dell KACE K2000 appliance is affected by multiple vulnerabilities : - The appliance stores the recovery account password in plaintext within a PHP script. CVE-2011-4046 - The appliance can allow arbitrary command execution by leveraging database write access. CVE-2011-4047 - An...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
Code injection
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
Default credentials
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext inside a PHP script, enabling context-dependent attackers to read sensitive data from script source. Several connected sources corroborate that this flaw can lead to privilege abuse and unauthorized ...
CVE-2011-4047
CVE-2011-4047 affects the Dell KACE K2000 System Deployment Appliance. The issue allows remote attackers to execute arbitrary commands by exploiting write access to the appliance’s database, enabling command execution on the target system. The vulnerability is tied to remote database access and i...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4048
Dell KACE K2000 System Deployment Appliance is affected by CVE-2011-4048 due to a default username/password for the read-only reporting account, enabling remote attackers to access the database and obtain sensitive information. The issue is described in multiple sources referencing default creden...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
CVE-2011-4436
Dell KACE K2000 System Deployment Appliance – the admin web interface is affected by multiple cross-site scripting (XSS) vulnerabilities, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors. The connected documents confirm the same CVE in NVD/Red Hat/Nessus entries, ...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Quest / Dell KACE K2000 Systems Deployment Appliance (SDA) < 3.7 Hardcoded Credentials (HTTP)
The Quest / Dell KACE K2000 System Deployment Appliance SDA contains a hidden administrator account that allows a remote attacker to take control of an affected device. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright ...