-
Title
KACE SMA September 2022 Critical Security Update Available -
Description
On September 15, Quest was informed of and confirmed a vulnerability related to authentication in the SMA family of products.The reported issue could potentially allow unauthenticated access to your appliance, under certain conditions. A Critical Security Update has been released to address this issue.
Affected versions: All
-
Resolution
A hotfix has been tested and released to address this vulnerability. We recommend that all customers apply this hotfix to all KACE SMA instances that their organization may have. This vulnerability has not yet been exploited to our knowledge, and is completely resolved with the application of this hotfix.
The vulnerability potentially affects any SMA-Family appliance of any version, and it is our recommendation that all customers upgrade to 12.1, and apply the hotfix immediately.
Hotfix will be applicable to the following versions:
11.1.264
12.0.150
12.1.168Incremented versions will appear on the Appliance after successful application of this hotfix.
How to get hotfix applied:
Option 1: Advertised Updates under Settings | Appliance UpdatesUnder Server Actions click on "Update Now" for latest advertised appliance update (11.1.265, 12.0.151, 12.1.169). This is not a full upgrade and typically takes a few minutes to apply and reboot.
Option 2: Manual update by downloading hotfix from the support portal.
11.1 Downloads (Required if not currently running 11.1.265)
12.0 Downloads (Required if not currently running 12.0.151)
12.1 Downloads (Required if not currently running 12.1.169)Note: Applying the hotfix manually will not require a reboot, but the red banner will remain after applying the hotfix if the critical security update was already advertised to the appliance.