CVE-2017-12567

SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:quest:kace_asset_management_appliance:7.2:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_asset_management_appliance:6.4.120822:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_asset_management_appliance:7.1.149:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_asset_management_appliance:7.1:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_asset_management_appliance:7.0.121306:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_asset_management_appliance:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:quest:kace_systems_management_appliance:7.1:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:7.0:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:7.2.101:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:7.2:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:7.1.149:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:7.0.121306:*:*:*:*:*:*:*
cpe:2.3:a:quest:kace_systems_management_appliance:6.4.120822:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:quest:k1000_as_a_service:7.0:*:*:*:*:*:*:*
cpe:2.3:a:quest:k1000_as_a_service:7.2:*:*:*:*:*:*:*
cpe:2.3:a:quest:k1000_as_a_service:7.1.149:*:*:*:*:*:*:*
cpe:2.3:a:quest:k1000_as_a_service:7.1:*:*:*:*:*:*:*
cpe:2.3:a:quest:k1000_as_a_service:7.0.121306:*:*:*:*:*:*:*

Information

Published : 2017-08-07 09:29

Updated : 2017-08-15 09:34


NVD link : CVE-2017-12567

Mitre link : CVE-2017-12567


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

quest

  • k1000_as_a_service
  • kace_asset_management_appliance
  • kace_systems_management_appliance