Dell Kace K1000 Systems Management Appliance is prone to multiple security vulnerabilities.
An attacker may leverage these issues to bypass certain security restrictions, obtain sensitive information and execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Bugtraq ID: 108538
Class: Design Error
CVE: CVE-2018-19615, CVE-2018-19616
Remote: Yes
Local: No
Published: Jun 01 2019 12:00AM
Updated: Jun 01 2019 12:00AM
Credit: Kapil Khot
Vulnerable:
- Dell Kace K1000 Systems Management Appliance 8.0.318
- Dell Kace K1000 Systems Management Appliance 7.0.121306
- Dell Kace K1000 Systems Management Appliance 6.4.12075
Not Vulnerable:
- Dell Kace K1000 Systems Management Appliance 9.0.270
References:
- Rockwell Automation Homepage (Rockwell Automation)
- Advisory (ICSA-19-050-04) Rockwell Automation Allen-Bradley PowerMonitor 1000 (ICS-CERT)
from SecurityFocus Vulnerabilities http://bit.ly/2MsVTOu