CVE-2019-10973 Information

Description

Quest KACE all versions prior to version 8.0.x 8.1.x and 9.0.x allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/109001 https://www.us-cert.gov/ics/advisories/icsa-19-183-02

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.2