Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Kace K2000 Systems Deployment Appliance
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1672 1 Dell 1 Kace K2000 Systems Deployment Appliance 2017-08-16 5.0 MEDIUM N/A
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.
CVE-2011-4048 1 Dell 1 Kace K2000 Systems Deployment Appliance 2015-10-02 4.3 MEDIUM N/A
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials.
CVE-2011-4046 1 Dell 1 Kace K2000 Systems Deployment Appliance 2011-11-14 5.0 MEDIUM N/A
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code.
CVE-2011-4047 1 Dell 1 Kace K2000 Systems Deployment Appliance 2011-11-13 9.3 HIGH N/A
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access.
CVE-2011-4436 1 Dell 1 Kace K2000 Systems Deployment Appliance 2011-11-13 3.5 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.