SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2.
References
Link | Resource |
---|---|
https://support.quest.com/kace-systems-management-appliance/kb/231874 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2017-08-07 09:29
Updated : 2017-08-15 09:34
NVD link : CVE-2017-12567
Mitre link : CVE-2017-12567
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
quest
- k1000_as_a_service
- kace_asset_management_appliance
- kace_systems_management_appliance