Quest Systems Management Appliance Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

9.1.317	12
12.0	2
6.3 SP2	2

Remediation

Official Fix	2
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	14

Exploitability

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	16

Access Vector

Not Defined	0
Physical	0
Local	0
Adjacent	2
Network	14

Authentication

Not Defined	0
High	0
Low	6
None	10

User Interaction

Not Defined	0
Required	6
None	10

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	4
≤7	0
≤8	6
≤9	4
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	4
≤7	0
≤8	6
≤9	4
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	4
≤6	0
≤7	6
≤8	4
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	4
≤8	0
≤9	4
≤10	6

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	16
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Today

<1k	16
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (8): 6.3 SP2, 7.0, 7.1, 7.2, 9.0, 9.1.317, 12.0, 12.1

Link to Product Website: https://www.quest.com/

Software Type: Endpoint Management Software

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CTI	CVE
03/01/2023	4.8	4.8	Quest KACE Systems Management Appliance cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-38220
08/03/2022	8.0	8.0	Quest KACE Systems Management Appliance improper authentication	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-30285
08/03/2022	2.6	2.6	Quest KACE Systems Management Appliance Appliance Linking random values	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-29808
08/03/2022	8.0	8.0	Quest KACE Systems Management Appliance download_agent_installer.php sql injection	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	CVE-2022-29807
03/09/2020	8.5	8.4	Quest Kace K1000 Systems Management Appliance krashrpt.php injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.08	CVE-2019-20504
11/06/2019	4.4	4.4	Quest KACE Systems Management Appliance Server Center ticket_associated_tickets.php cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2019-13081
11/06/2019	4.4	4.4	Quest KACE Systems Management Appliance Server Center cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2019-13080
11/06/2019	7.5	7.5	Quest KACE Systems Management Appliance Server Center history_log.php sql injection	$0-$5k	$0-$5k	Not Defined	Not Defined	0.08	CVE-2019-13079
11/06/2019	7.5	7.5	Quest KACE Systems Management Appliance Server Center user_profile.php sql injection	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2019-13078
11/06/2019	5.2	5.2	Quest KACE Systems Management Appliance Server Center sam_detail_titled.php cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2019-13077

5 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 5 results.

more entries by Quest

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!