Vulnerabilities > Quest > Kace Systems Management Appliance > 8.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-03-01 CVE-2022-38220 Cross-site Scripting vulnerability in Quest Kace Systems Management Appliance
An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML.
network
low complexity
quest CWE-79
6.1
6.1
2022-08-02 CVE-2022-30285 Inadequate Encryption Strength vulnerability in Quest Kace Systems Management Appliance
In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication.
network
low complexity
quest CWE-326
critical
 9.8
9.8
2019-07-08 CVE-2019-10973 Improper Input Validation vulnerability in Quest Kace Systems Management Appliance
Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface.
network
low complexity
quest CWE-20
critical
 9.0
9.0
2019-05-24 CVE-2019-11604 Cross-site Scripting vulnerability in Quest Kace Systems Management Appliance
An issue was discovered in Quest KACE Systems Management Appliance before 9.1.
network
quest CWE-79
4.3
4.3