ID de Prueba:	1.3.6.1.4.1.25623.1.0.803735
Categoría:	Web application abuses
Título:	Quest / Dell KACE K1000 Systems Management Appliance (SMA) <= 5.4.70402 Multiple SQLi Vulnerabilities
Resumen:	Quest / Dell KACE K1000 Systems Management Appliance (SMA) is; prone to multiple SQL injection (SQLi) vulnerabilities.
Descripción:	Summary: Quest / Dell KACE K1000 Systems Management Appliance (SMA) is prone to multiple SQL injection (SQLi) vulnerabilities. Vulnerability Insight: Multiple flaws are due to asset.php, asset_type.php, metering.php, mi.php, replshare.php, kbot.php, history_log.php and service.php scripts are not properly sanitizing user-supplied input. Vulnerability Impact: Successful exploitation will allow remote attackers to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. Affected Software/OS: Quest / Dell KACE K1000 SMA version 5.4.70402 and prior. Solution: Update to version 5.5 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1671 BugTraq ID: 65029 http://www.securityfocus.com/bid/65029 http://www.baesystemsdetica.com.au/Research/Advisories/Dell-KACE-K1000-SQL-Injection-(DS-2014-001) http://secunia.com/advisories/56396 XForce ISS Database: kace-multiple-sql-injection(90592) https://exchange.xforce.ibmcloud.com/vulnerabilities/90592
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.