Dell Kace K1000 Systems Management Appliance Software vulnerabilities
2 known vulnerabilities affecting dell/kace_k1000_systems_management_appliance_software.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-1671P3MEDIUMCVSS 6.5PoCv5.4.768472014-01-26
CVE-2014-1671 [MEDIUM] CWE-89 CVE-2014-1671: Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remot
Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress element in a (1) getUploadPath or (2) getKBot SOAP request to service/kbot_service.php; the ID parameter to (3) userui/advisory_detail.php or (4) userui/ticket
nvd
CVE-2014-0330P4MEDIUMCVSS 4.3v5.5.905452014-02-06
CVE-2014-0330 [MEDIUM] CWE-79 CVE-2014-0330: Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management
Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID parameter.
nvd