Vulnerabilities > Quest > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-02 CVE-2022-29808 Use of Insufficiently Random Values vulnerability in Quest Kace Systems Management Appliance
In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled.
network
low complexity
quest CWE-330
7.5
7.5
2019-11-06 CVE-2019-13079 SQL Injection vulnerability in Quest Kace Systems Management Appliance 9.1.317
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection.
network
low complexity
quest CWE-89
8.8
8.8
2019-11-06 CVE-2019-13078 SQL Injection vulnerability in Quest Kace Systems Management Appliance 9.1.317
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection.
network
low complexity
quest CWE-89
8.8
8.8
2019-11-06 CVE-2019-13076 SQL Injection vulnerability in Quest Kace Systems Management Appliance 9.1.317
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection.
network
low complexity
quest CWE-89
8.8
8.8
2019-07-08 CVE-2019-10973 Improper Input Validation vulnerability in Quest Kace Systems Management Appliance
Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface.
network
low complexity
quest CWE-20
7.2
7.2
2019-06-03 CVE-2018-5406 Unspecified vulnerability in Quest Kace Systems Management Appliance Firmware 9.0
The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows a remote attacker to exploit the misconfigured Cross-Origin Resource Sharing (CORS) mechanism.
network
low complexity
quest
8.8
8.8
2018-06-02 CVE-2018-11194 Incorrect Permission Assignment for Critical Resource vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6).
network
low complexity
quest CWE-732
8.8
8.8
2018-06-02 CVE-2018-11193 Incorrect Permission Assignment for Critical Resource vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6).
network
low complexity
quest CWE-732
8.8
8.8
2018-06-02 CVE-2018-11192 Incorrect Permission Assignment for Critical Resource vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6).
network
low complexity
quest CWE-732
8.8
8.8
2018-06-02 CVE-2018-11191 Incorrect Permission Assignment for Critical Resource vulnerability in Quest Disk Backup
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6).
network
low complexity
quest CWE-732
8.8
8.8