Quest · Quest Kace System Management Appliance · CVE-2018-11138
**Name of the Vulnerable Software and Affected Versions**
Quest KACE System Management Appliance version 8.0.318
**Description**
The issue concerns the accessibility of the "/common/download agent installer.php" script by anonymous users, which can be exploited to execute arbitrary commands on the system.
**Recommendations**
For Quest KACE System Management Appliance version 8.0.318, restrict access to the "/common/download agent installer.php" script to prevent anonymous users from executing arbitrary commands.