XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.

CPENameOperatorVersion
kace_desktop_authorityge10.0
kace_desktop_authoritylt11.2

CPE	Name	Operator	Version
	kace_desktop_authority	ge	10.0
	kace_desktop_authority	lt	11.2

References

support.quest.com/kace-desktop-authority/kb/336098/quest-response-to-desktop-authority-vulnerabilities-prior-to-11-2

nvd 2

cve 2

cvelist 2

cnvd 1

fedora 3

rosalinux 1

mageia 1

osv 3

openvas 6

nessus 7

ubuntu 1

github 1

f5 1

veracode 1

hp 2

debiancve 1

prion 1

ubuntucve 1

intel 1

ics 1

kaspersky 1

oracle 4

nvd

CVE-2021-44028

2021-12-22 06:15:06

CVE-2018-1285

2020-05-11 17:15:10

cve

CVE-2021-44028

2021-12-22 06:15:06

CVE-2018-1285

2020-05-11 17:15:10

cvelist

CVE-2021-44028

2021-12-22 05:03:39

CVE-2018-1285

2020-05-11 16:41:28

cnvd

Quest KACE Desktop Authority XXE Vulnerability

2021-12-24 00:00:00

fedora

[SECURITY] Fedora 31 Update: log4net-2.0.8-10.fc31

2020-05-24 03:16:27

[SECURITY] Fedora 32 Update: log4net-2.0.8-10.fc32

2020-05-24 03:29:40

[SECURITY] Fedora 30 Update: log4net-2.0.8-10.fc30

2020-05-24 04:02:53

rosalinux

Advisory ROSA-SA-2023-2169

2023-06-20 10:11:17

mageia

Updated log4net packages fix security vulnerability

2020-05-27 12:52:46

osv

log4net vulnerability

2021-01-19 12:50:54

log4net - security update

2020-05-15 00:00:00

XML External Entity attack in log4net

2021-01-29 19:47:23

openvas

Fedora: Security Advisory for log4net (FEDORA-2020-cfc319e067)

2020-05-29 00:00:00

Fedora: Security Advisory for log4net (FEDORA-2020-73d380e9b9)

2020-05-29 00:00:00

Fedora: Security Advisory for log4net (FEDORA-2020-847775bf79)

2020-05-29 00:00:00

nessus

Fedora 31 : log4net (2020-847775bf79)

2020-05-26 00:00:00

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Apache Log4net vulnerability (USN-4699-1)

2021-01-19 00:00:00

Oracle Application Testing Suite (Apr 2022 CPU)

2022-04-21 00:00:00

ubuntu

Apache Log4net vulnerability

2021-01-19 00:00:00

github

XML External Entity attack in log4net

2021-01-29 19:47:23

Apache log4net Vulnerability CVE-2018-1285

2022-05-20 02:30:00

veracode

XML External Entities (XXE)

2020-05-11 03:38:22

Intel® RST Software August 2022 Security Update

2022-08-09 00:00:00

HP Security Manager, Web Jetadmin, Digital Sending Software, and Easy Printer Manager - Potential XXE-based attacks

2022-01-31 00:00:00

debiancve

CVE-2018-1285

2020-05-11 17:15:10

prion

Cross site scripting

2020-05-11 17:15:00

ubuntucve

CVE-2018-1285

2020-05-11 00:00:00

intel

Intel® RST Advisory

2022-08-09 00:00:00

ics

BD Alaris System with Guardrails Suite MX (Update A)

2023-10-26 12:00:00

kaspersky

KLA12437 Multiple vulnerabilities in Foxit PDF Reader

2022-01-28 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2021

2021-01-19 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - April 2021

2021-04-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.8%

JSON

Related for PRION:CVE-2021-44028