Quest Vulnerabilities

Timeline

Type

Product

Quest DR Series Disk Backup: 52
Quest NetVault Backup: 23
Quest Policy Authority: 13
Quest KACE System Management Appliance: 10
Quest KACE Systems Management Appliance Server Cen ...: 8

Countermeasures

Official Fix: 86
Temporary Fix: 0
Workaround: 13
Unavailable: 2
Not Defined: 32

Exploitability

High: 4
Functional: 0
Proof-of-Concept: 3
Unproven: 1
Not Defined: 125

Access Vector

Not Defined: 0
Physical: 0
Local: 2
Adjacent: 4
Network: 127

Authentication

Not Defined: 0
High: 5
Low: 82
None: 46

User Interaction

Not Defined: 0
Required: 21
None: 112

C3BM Index

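Number of entries per score bucket, by score source:

| Score source | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CVSSv3 Base | 0 | 0 | 1 | 1 | 18 | 11 | 4 | 59 | 37 | 2 |
| CVSSv3 Temp | 0 | 0 | 1 | 1 | 18 | 12 | 5 | 58 | 36 | 2 |
| VulDB | 0 | 0 | 1 | 18 | 12 | 3 | 56 | 38 | 3 | 2 |
| NVD | 0 | 0 | 0 | 0 | 0 | 10 | 14 | 6 | 56 | 38 |
| CNA | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Vendor | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Research | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 |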

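Number of entries per exploit price bucket:

| Exploit price | <1k | <2k | <5k | <10k | <25k | <50k | <100k | ≥100k |
|---|---|---|---|---|---|---|---|---|
| 0-day | 17 | 77 | 39 | 0 | 0 | 0 | 0 | 0 |
| Today | 132 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |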

Exploit Market Volume

🔴 CTI Activities

Affected Products (23): DR Series Disk Backup (52), Foglight Evolve (1), IQCRM (1), Image Racer (1), InTrust (2), Information Systems Indiana Voters App (1), JavaMelody (1), K1000 as a Service (1), KACE (1), KACE Asset Management Appliance (1), KACE Desktop Authority (4), KACE System Management Appliance (10), KACE System Management Virtual Appliance (1), KACE Systems Management Appliance (5), KACE Systems Management Appliance Server Center (8), Kace K1000 (3), Kace K1000 Systems Management Appliance (1), NetVault Backup (23), Policy Authority (13), Privilege Manager (2), Systems Management Appliance (1), ThinkPHP (1), Toad for Data Analysts (1)

| Published | Base | Temp | Vulnerability | Product | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 22/01/2024 | 8.0 | 7.9 | Quest Analytics IQCRM WSDL Page Common.svc sql injection | Unknown | Not Defined | Not Defined | 0.00256 | 0.02 | CVE-2023-48118 |
| 01/03/2023 | 4.8 | 4.8 | Quest KACE Systems Management Appliance cross site scripting | Endpoint Management Software | Not Defined | Not Defined | 0.00073 | 0.00 | CVE-2022-38220 |
| 03/08/2022 | 8.0 | 8.0 | Quest KACE Systems Management Appliance weak authentication | Endpoint Management Software | Not Defined | Not Defined | 0.00221 | 0.00 | CVE-2022-30285 |
| 03/08/2022 | 2.6 | 2.6 | Quest KACE Systems Management Appliance Appliance Linking weak encryption | Endpoint Management Software | Not Defined | Not Defined | 0.00158 | 0.00 | CVE-2022-29808 |
| 03/08/2022 | 8.0 | 8.0 | Quest KACE Systems Management Appliance download_agent_installer.php sql injection | Endpoint Management Software | Not Defined | Not Defined | 0.00185 | 0.00 | CVE-2022-29807 |
| 22/12/2021 | 3.5 | 3.4 | Quest KACE Desktop Authority jQuery jQuery.htmlPrefilter cross site scripting | Endpoint Management Software | Not Defined | Official Fix | 0.00072 | 0.00 | CVE-2021-44030 |
| 22/12/2021 | 5.5 | 5.3 | Quest KACE Desktop Authority Log4net Configuration File XML External Entity | Endpoint Management Software | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2021-44028 |
| 22/12/2021 | 5.0 | 4.8 | Quest KACE Desktop Authority RadAsyncUpload privilege escalation | Endpoint Management Software | Not Defined | Official Fix | 0.00730 | 0.00 | CVE-2021-44029 |
| 22/12/2021 | 7.3 | 7.0 | Quest KACE Desktop Authority Insertimage.aspx privilege escalation | Endpoint Management Software | Not Defined | Official Fix | 0.00487 | 0.00 | CVE-2021-44031 |
| 11/01/2021 | 4.4 | 4.3 | Quest Policy Authority BrowseDirs.do cross site scripting | Unknown | Not Defined | Workaround | 0.00068 | 0.00 | CVE-2020-35727 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority index.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00122 | 0.00 | CVE-2020-35726 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority index.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00122 | 0.00 | CVE-2020-35725 |
| 11/01/2021 | 4.4 | 4.3 | Quest Policy Authority Error.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00068 | 0.00 | CVE-2020-35724 |
| 11/01/2021 | 4.4 | 4.3 | Quest Policy Authority ReportPreview.do cross site scripting | Unknown | Not Defined | Workaround | 0.00068 | 0.00 | CVE-2020-35723 |
| 11/01/2021 | 5.0 | 4.9 | Quest Policy Authority Web Compliance Manager submitUser.jsp cross site request forgery | Unknown | Not Defined | Workaround | 0.00114 | 0.00 | CVE-2020-35722 |
| 11/01/2021 | 4.4 | 4.3 | Quest Policy Authority BrowseAssets.do cross site scripting | Unknown | Not Defined | Workaround | 0.00068 | 0.00 | CVE-2020-35721 |
| 11/01/2021 | 4.4 | 4.3 | Quest Policy Authority submitUser.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00068 | 0.00 | CVE-2020-35720 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority index.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00122 | 0.00 | CVE-2020-35719 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority Web Compliance Manager cConn.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00072 | 0.00 | CVE-2020-35206 |
| 11/01/2021 | 6.6 | 6.5 | Quest Policy Authority Web Compliance Manager initFile.jsp privilege escalation | Unknown | Not Defined | Workaround | 0.00625 | 0.00 | CVE-2020-35205 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority FolderControl.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00072 | 0.00 | CVE-2020-35204 |
| 11/01/2021 | 4.8 | 4.7 | Quest Policy Authority Web Compliance Manager initFile.jsp cross site scripting | Unknown | Not Defined | Workaround | 0.00072 | 0.00 | CVE-2020-35203 |
| 23/03/2020 | 8.5 | 8.5 | Quest Foglight Evolve weak authentication | Unknown | Not Defined | Not Defined | 0.13129 | 0.00 | CVE-2020-8868 |
| 09/03/2020 | 8.5 | 8.4 | Quest Kace K1000 Systems Management Appliance krashrpt.php privilege escalation | Endpoint Management Software | Not Defined | Official Fix | 0.04664 | 0.03 | CVE-2019-20504 |
| 06/11/2019 | 4.4 | 4.4 | Quest KACE Systems Management Appliance Server Center ticket_associated_tickets.php cross site scripting | Endpoint Management Software | Not Defined | Not Defined | 0.00055 | 0.00 | CVE-2019-13081 |

108 more entries are not shown
