CVE-2019-10973
HIGHQuest KACE Systems Management Appliance < 8.0.320 - Unauthenticated Unintended Access via Troubleshooting Tools
Title source: llmDescription
Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/109001
Patch, Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-19-183-02
Scores
CVSS v3
7.2
EPSS
0.0242
EPSS Percentile
82.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
quest/kace_systems_management_appliance
8.0.0 - 8.0.320
Published
Jul 08, 2019
Tracked Since
Feb 18, 2026