Retour
-
Titre
KACE Response to FreeBSD Vulnerabilities CVE-2024-7589, CVE-2024-6759, CVE-2024-6760 and CVE-2024-6640 -
Description
This article addresses the status of the KACE SMA appliance regarding the recent FreeBSD Vulnerabilities described under CVE-2024-7589, CVE-2024-6759, CVE-2024-6760 and CVE-2024-6640.
For more details about these vulnerabilities please refer to: -
Résolution
KACE has determined that the vulnerability described under CVE-2024-7589 impacts version 14.0 and 14.1 of the KACE SMA appliance. CVE-2024-6759, CVE-2024-6760 and CVE-2024-6640 have not been found to impact the SMA.
For immediate mitigation of CVE-2024-7589, SSH access can be turned off completely by deselecting the Enable SSH option by navigating to Settings | Security Settings, however the affected versions will be updated in an upcoming patch release.
Quest recommends that all customers ensure they are running a supported version of the KACE SMA. See KACE Software Product Support Lifecycle Policy
For any questions or assistance on this topic please contact out Tech Support . -
Identifiant du défaut
K1-35992