Quest 漏洞

时间轴

类型

Backup Software75
Endpoint Management Software34
Not Defined22
Programming Language Software1
iOS App Software1

产品

Quest DR Series Disk Backup52
Quest NetVault Backup23
Quest Policy Authority13
Quest KACE System Management Appliance10
Quest KACE Systems Management Appliance Server Cen ...8

修正

Official Fix86
Temporary Fix0
Workaround13
Unavailable2
Not Defined32

易受攻击性

High4
Functional0
Proof-of-Concept3
Unproven1
Not Defined125

访问向量

Not Defined0
Physical0
Local2
Adjacent4
Network127

身份验证

Not Defined0
High5
Low82
None46

用户交互

Not Defined0
Required21
None112

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤41
≤518
≤611
≤74
≤859
≤937
≤102

CVSSv3 Temp

≤10
≤20
≤31
≤41
≤518
≤612
≤75
≤858
≤936
≤102

VulDB

≤10
≤20
≤31
≤418
≤512
≤63
≤756
≤838
≤93
≤102

NVD

≤10
≤20
≤30
≤40
≤50
≤610
≤714
≤86
≤956
≤1038

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k17
<2k78
<5k38
<10k0
<25k0
<50k0
<100k0
≥100k0

本日攻击

<1k132
<2k1
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

🔴 CTI 活动

Affected Products (23): DR Series Disk Backup (52), Foglight Evolve (1), IQCRM (1), Image Racer (1), InTrust (2), Information Systems Indiana Voters App (1), JavaMelody (1), K1000 as a Service (1), KACE (1), KACE Asset Management Appliance (1), KACE Desktop Authority (4), KACE System Management Appliance (10), KACE System Management Virtual Appliance (1), KACE Systems Management Appliance (5), KACE Systems Management Appliance Server Center (8), Kace K1000 (3), Kace K1000 Systems Management Appliance (1), NetVault Backup (23), Policy Authority (13), Privilege Manager (2), Systems Management Appliance (1), ThinkPHP (1), Toad for Data Analysts (1)

已发布BaseTemp漏洞Prod修正EPSSCTICVE
2024-01-228.07.9Quest Analytics IQCRM WSDL Page Common.svc SQL注入未知Not DefinedNot Defined0.002560.04CVE-2023-48118
2023-03-014.84.8Quest KACE Systems Management Appliance 跨网站脚本Endpoint Management SoftwareNot DefinedNot Defined0.000730.00CVE-2022-38220
2022-08-038.08.0Quest KACE Systems Management Appliance 弱身份验证Endpoint Management SoftwareNot DefinedNot Defined0.002210.00CVE-2022-30285
2022-08-032.62.6Quest KACE Systems Management Appliance Appliance Linking 弱加密Endpoint Management SoftwareNot DefinedNot Defined0.001580.00CVE-2022-29808
2022-08-038.08.0Quest KACE Systems Management Appliance download_agent_installer.php SQL注入Endpoint Management SoftwareNot DefinedNot Defined0.001850.04CVE-2022-29807
2021-12-223.53.4Quest KACE Desktop Authority jQuery jQuery.htmlPrefilter 跨网站脚本Endpoint Management SoftwareNot DefinedOfficial Fix0.000720.00CVE-2021-44030
2021-12-225.55.3Quest KACE Desktop Authority Log4net Configuration File XML External EntityEndpoint Management SoftwareNot DefinedOfficial Fix0.000610.00CVE-2021-44028
2021-12-225.04.8Quest KACE Desktop Authority RadAsyncUpload 权限升级Endpoint Management SoftwareNot DefinedOfficial Fix0.007300.00CVE-2021-44029
2021-12-227.37.0Quest KACE Desktop Authority Insertimage.aspx 权限升级Endpoint Management SoftwareNot DefinedOfficial Fix0.004870.00CVE-2021-44031
2021-01-114.44.3Quest Policy Authority BrowseDirs.do 跨网站脚本未知Not DefinedWorkaround0.000680.00CVE-2020-35727
2021-01-114.84.7Quest Policy Authority index.jsp 跨网站脚本未知Not DefinedWorkaround0.001220.00CVE-2020-35726
2021-01-114.84.7Quest Policy Authority index.jsp 跨网站脚本未知Not DefinedWorkaround0.001220.00CVE-2020-35725
2021-01-114.44.3Quest Policy Authority Error.jsp 跨网站脚本未知Not DefinedWorkaround0.000680.00CVE-2020-35724
2021-01-114.44.3Quest Policy Authority ReportPreview.do 跨网站脚本未知Not DefinedWorkaround0.000680.00CVE-2020-35723
2021-01-115.04.9Quest Policy Authority Web Compliance Manager submitUser.jsp 跨网站请求伪造未知Not DefinedWorkaround0.001140.00CVE-2020-35722
2021-01-114.44.3Quest Policy Authority BrowseAssets.do 跨网站脚本未知Not DefinedWorkaround0.000680.00CVE-2020-35721
2021-01-114.44.3Quest Policy Authority submitUser.jsp 跨网站脚本未知Not DefinedWorkaround0.000680.00CVE-2020-35720
2021-01-114.84.7Quest Policy Authority index.jsp 跨网站脚本未知Not DefinedWorkaround0.001220.00CVE-2020-35719
2021-01-114.84.7Quest Policy Authority Web Compliance Manager cConn.jsp 跨网站脚本未知Not DefinedWorkaround0.000720.00CVE-2020-35206
2021-01-116.66.5Quest Policy Authority Web Compliance Manager initFile.jsp 权限升级未知Not DefinedWorkaround0.006250.00CVE-2020-35205
2021-01-114.84.7Quest Policy Authority FolderControl.jsp 跨网站脚本未知Not DefinedWorkaround0.000720.00CVE-2020-35204
2021-01-114.84.7Quest Policy Authority Web Compliance Manager initFile.jsp 跨网站脚本未知Not DefinedWorkaround0.000720.00CVE-2020-35203
2020-03-238.58.5Quest Foglight Evolve 弱身份验证未知Not DefinedNot Defined0.131290.00CVE-2020-8868
2020-03-098.58.4Quest Kace K1000 Systems Management Appliance krashrpt.php 权限升级Endpoint Management SoftwareNot DefinedOfficial Fix0.061980.08CVE-2019-20504
2019-11-064.44.4Quest KACE Systems Management Appliance Server Center ticket_associated_tickets.php 跨网站脚本Endpoint Management SoftwareNot DefinedNot Defined0.000550.00CVE-2019-13081

108 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 108 results.

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!