Vulnerabilities > Quest > Kace Systems Management Appliance > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-02 | CVE-2022-30285 | Inadequate Encryption Strength vulnerability in Quest Kace Systems Management Appliance In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. | 9.8 |
| 2022-08-02 | CVE-2022-29807 | SQL Injection vulnerability in Quest Kace Systems Management Appliance A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php. | 9.8 |
| 2019-11-06 | CVE-2019-12918 | SQL Injection vulnerability in Quest Kace Systems Management Appliance 9.1.317 Quest KACE Systems Management Appliance Server Center version 9.1.317 is vulnerable to SQL injection. | 9.8 |
| 2017-08-07 | CVE-2017-12567 | SQL Injection vulnerability in Quest products SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2. | 9.8 |