Quest response to KACE SMA Vulnerabilities: CVE-2022-29808 (4258795)

立即与支持人员聊天

反馈已提交

本文是否解决了您的问题？

选择评级

标题

Quest response to KACE SMA Vulnerabilities: CVE-2022-29808
说明

The Quest team has been made aware regarding vulnerabilities involving the KACE System Management Appliance product below:
CVE-2022-29808 - Incorrect Access Control

Quest takes handling of vulnerabilities seriously, and we investigate and respond to all reported potential vulnerabilities. Our vulnerability reporting and response process can be found here.
原因

CVE-2022-29808 - In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled.
解决办法

The KACE SMA vulnerability reported under CVE-2022-29808 is resolved in version 12.1.168 of the KACE Systems Management Appliance, available for download here.
If unable to upgrade to the latest version at this time, please refer to KACE SMA April 2022 Critical Security Hotfix.

反馈已提交

本文是否解决了您的问题？

选择评级

建议的内容

产品：: KACE Asset Management Appliance; KACE Service Desk; KACE Systems Management Appliance; KACE as a Service

标题