PT-2022-20045 · Quest · Quest Kace System Management Appliance
Published
2022-08-02
·
Updated
2023-08-08
·
CVE-2022-30285
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Quest KACE Systems Management Appliance (SMA) versions prior to 12.0
Description
A hash collision is possible during authentication in the affected software, which may allow authentication with invalid credentials.
Recommendations
For versions prior to 12.0, update to version 12.0 or later to resolve the issue.
Fix
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Quest Kace System Management Appliance