Return
-
Title
Quest KACE response to CVE-2018-15473 -
Description
Quest KACE response to the CVE-2018-15473 vulnerability on the KACE Systems Management Appliance (SMA) -
Cause
-
Resolution
KACE has determined that while the KACE Systems Management Appliance (SMA) does contain a vulnerable version of OpenSSH, there is no public access to SSH allowed on the appliance. SSH exists on the appliance to allow for KACE Support interaction on the appliance.
Furthermore, SSH access can be turned off completely by deselecting the Enable SSH option by navigating to Settings | Security Settings.
-
Defect ID
ESMP-6217