Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Kace Desktop Authority Security Vulnerabilities

cve
cve

CVE-2021-44029

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due....

9.8CVSS

9.6AI Score

0.965EPSS

2021-12-22 06:15 AM
74
In Wild
cve
cve

CVE-2021-44030

Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of...

6.1CVSS

5.9AI Score

0.001EPSS

2021-12-22 06:15 AM
31
cve
cve

CVE-2021-44031

An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at...

9.8CVSS

9.7AI Score

0.006EPSS

2021-12-22 06:15 AM
35
cve
cve

CVE-2021-44028

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to...

5.5CVSS

7AI Score

0.009EPSS

2021-12-22 06:15 AM
35