Vulnerabilities > CVE-2018-11142 - Incorrect Authorization vulnerability in Quest Kace System Management Appliance 8.0.318

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

quest

CWE-863

NVD

Published: 2018-05-31

Updated: 2019-10-03

Summary

The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the 'Host' and 'X_Forwarded_For' HTTP headers in a POST request. An anonymous user can abuse this vulnerability to execute critical functions without authorization.

Vulnerable Configurations

Part	Description	Count
Application	Quest Quest Kace System Management Appliance 8.0.318	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

Packetstorm

data source	https://packetstormsecurity.com/files/download/148005/CORE-2018-0004.txt
id	PACKETSTORM:148005
last seen	2018-06-01
published	2018-05-31
reporter	Core Security Technologies
source	https://packetstormsecurity.com/files/148005/Quest-KACE-System-Management-Appliance-8.0-Build-8.0.318-XSS-Traversal-Code-Execution-SQL-Injection.html
title	Quest KACE System Management Appliance 8.0 (Build 8.0.318) XSS / Traversal / Code Execution / SQL Injection

References

https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities