11 matches found
CVE-2018-11138
CVE-2018-11138 affects Quest KACE System Management Appliance 8.0.318 where the unauthenticated /common/download_agent_installer.php endpoint can be abused to execute arbitrary commands as the web server user. The Core Security advisory and multiple sources confirm remote code execution via unaut...
CVE-2018-11133
CVE-2018-11133 affects Quest KACE System Management Appliance 8.0.318. The vulnerability is a cross-site scripting flaw in the fmt parameter of /common/run_cross_report.php, enabling arbitrary JavaScript in users’ browsers (CWE-79). The issue is documented in multiple sources (NVD/Nucli, CIRCL, C...
CVE-2018-11134
CVE-2018-11134 affects Quest KACE System Management Appliance 8.0 (Build 8.0.318). The issue is a privilege-escalation vector in the Sudo Server component: a command available to the web server user could change other users’ passwords, including the kace_support account, which has full sudo privi...
CVE-2018-11139
The CVE-2018-11139 entry describes a command injection in Quest KACE System Management Appliance 8.0.318 via the authenticated-accessible /common/ajax_email_connection_test.php endpoint. The vulnerability allows an authenticated user to inject commands through the unsanitized TEST_SERVER paramete...
CVE-2018-11132
CVE-2018-11132 is a command-injection vulnerability affecting Quest KACE System Management Appliance version 8.0.318. The issue resides in the message queue daemon, which runs with root privileges and allows a restricted command set; an input vector enables an attacker to append commands that are...
CVE-2018-11136
CVE-2018-11136 affects Quest KACE System Management Appliance 8.0 (Build 8.0.318). The orgID parameter in /common/download_agent_installer.php is not sanitized, enabling unauthenticated SQL injection (blind time-based). Proof-of-concept demonstrated time delays; Core/CORE advisory and other sourc...
CVE-2018-11142
CVE-2018-11142 affects Quest KACE System Management Appliance 8.0.318. The vulnerability is in the web console: systemui/settings_network.php and systemui/settings_patching.php are accessible only from localhost, and an attacker can bypass this restriction by tampering with Host and X_Forwarded_F...
CVE-2018-11137
CVE-2018-11137 affects Quest KACE System Management Appliance 8.0 (Build 8.0.318). The vulnerability is a directory-traversal flaw in the /common/download_attachment.php script, where the checksum parameter can be crafted to read arbitrary files with www privileges (no administrator privileges re...
CVE-2018-11141
CVE-2018-11141 affects Quest KACE System Management Virtual Appliance 8.0.318. The vulnerability is a path traversal issue in the advisory/authored UI where the IMAGES_JSON and attachments_to_remove[] parameters can cause arbitrary file write and delete operations. Proof-of-concept details in the...
CVE-2018-11140
CVE-2018-11140 affects Quest KACE System Management Appliance 8.0.318. The vulnerability is an SQL injection in the /common/run_report.php script via the reportID parameter, which is not sanitized. Public PoCs show an error-based SQL injection that can retrieve database information (e.g., current...
CVE-2018-11135
CVE-2018-11135 concerns the Quest KACE System Management Appliance 8.0.318. An authenticated user can trigger a deserialization-based PHP object injection in the script /adminui/error_details.php, enabling arbitrary PHP object execution as described in the vulnerability notes. Core Security CORE-...