Описание
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/user_profile.php. The affected parameter is sort_column.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:quest:kace_systems_management_appliance:9.1.317:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00358
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/user_profile.php. The affected parameter is sort_column.
EPSS
Процентиль: 57%
0.00358
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89