Vulnerabilities > Quest > Kace Systems Management Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-06 | CVE-2019-12918 | SQL Injection vulnerability in Quest Kace Systems Management Appliance 9.1.317 Quest KACE Systems Management Appliance Server Center version 9.1.317 is vulnerable to SQL injection. | 9.8 |
| 2019-11-06 | CVE-2019-12917 | Cross-site Scripting vulnerability in Quest Kace Systems Management Appliance 9.1.317 A reflected XSS vulnerability exists in Quest KACE Systems Management Appliance Server Center 9.1.317 affecting the userui/software_library.php component via the PATH_INFO. | 6.1 |
| 2019-07-08 | CVE-2019-10973 | Improper Input Validation vulnerability in Quest Kace Systems Management Appliance Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface. | 7.2 |
| 2019-05-24 | CVE-2019-11604 | Cross-site Scripting vulnerability in Quest Kace Systems Management Appliance An issue was discovered in Quest KACE Systems Management Appliance before 9.1. | 6.1 |
| 2017-08-07 | CVE-2017-12567 | SQL Injection vulnerability in Quest products SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2. | 9.8 |