An issue exists in Quest KACE Desktop Authority prior to 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/{GUID}/{filename}.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quest kace desktop authority |