Kace Systems Management Appliance@* Security Vulnerabilities and Issues — Kace Systems Management Appliance@* CVE List

Lucene search

QuestKace Systems Management Appliance*

4 matches found

CVE•added 2022/08/02 10:15 p.m.•63 views

CVE-2022-29807

A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.

9.8CVSS9.9AI score0.02023EPSS

CVE•added 2022/08/02 10:15 p.m.•63 views

CVE-2022-29808

In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled.

7.5CVSS7.5AI score0.00281EPSS

CVE•added 2022/08/02 10:15 p.m.•53 views

CVE-2022-30285

In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials.

9.8CVSS9.4AI score0.00267EPSS

CVE•added 2019/05/24 5:29 p.m.•47 views

CVE-2019-11604

An issue was discovered in Quest KACE Systems Management Appliance before 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processed by the web application. Since the application does not prop...

6.1CVSS6.2AI score0.00503EPSS

Web