Lucene search
K
QuestKace Systems Management Appliance*

4 matches found

CVE
CVE
added 2022/08/02 9:35 p.m.80 views

CVE-2022-29808

CVE-2022-29808 affects Quest KACE Systems Management Appliance (SMA) up to and including 12.0, where appliance linking enables predictable token generation. This is the root cause described in connected records, tied to SMA versions prior to 12.0 and remediated by upgrading to 12.0 or later. The ...

7.5CVSS7.5AI score0.00624EPSS
CVE
CVE
added 2022/08/02 9:42 p.m.77 views

CVE-2022-29807

The CVE-2022-29807 entry affects Quest KACE Systems Management Appliance (SMA). The vulnerability is a SQL injection in the download_agent_installer.php endpoint that can lead to remote code execution. Affected are SMA versions prior to 12.0; versions 12.0 or later are patched. Remediation: updat...

9.8CVSS9.9AI score0.0109EPSS
CVE
CVE
added 2022/08/02 9:38 p.m.69 views

CVE-2022-30285

CVE-2022-30285 affects Quest KACE Systems Management Appliance (SMA) up to version 12.0. The vulnerability arises from a hash collision in the authentication process, which may allow authentication with invalid credentials. Severity is high (CVSSv3.1: 9.8, network attack vector, no user interacti...

9.8CVSS9.4AI score0.00475EPSS
CVE
CVE
added 2019/05/24 4:4 p.m.65 views

CVE-2019-11604

CVE-2019-11604 affects Quest KACE Systems Management Appliance prior to 9.1. The issue is an unauthenticated reflected Cross-Site Scripting vulnerability in the web interface: input delivered to the GET parameter of /service/kbot_service_notsoap.php is not properly validated or sanitized, allowin...

6.1CVSS6.2AI score0.01778EPSS