Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
KACE response to the Curl Vulnerability CVE-2023-38545 & Libcurl Vulnerability CVE-2023-38546
Description
This article addresses the status of the KACE SMA, KACE SDA, and KACE Cloud products regarding published vulnerabilities related to Curl & Libcurl. For more details about the vulnerability please refer to: CVE-2023-38545, addresses a buffer overflow flaw that impacts both libcurl and the curl command line tool. The overflow can occur during a SOCKS5 handshake. CVE-2023-38546 is associated with a cookie injection flaw, but curl maintainers suggest that the series of conditions that must be met makes the likelihood of exploitation low.
Sign In Required
You need to be signed in and under a current maintenance contract to view premium knowledge articles.
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Welcome to Quest Support
You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.
The Quest Software Portal no longer supports IE8, 9, & 10 and it is recommended to upgrade your browser to the latest version of Internet Explorer or Chrome.