CVE-2018-11142
Last modified
CVE-2018-11142 is a vulnerability of currently unknown severity. The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the 'Host' and 'X_Forwarded_For' HTTP headers in a POST request. EPSS estimates a 0.42% chance of exploitation in the next 30 days.
Description
The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the 'Host' and 'X_Forwarded_For' HTTP headers in a POST request. An anonymous user can abuse this vulnerability to execute critical functions without authorization.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Quest | Kace System Management Appliance | 8.0.318 |
References
- https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilitiesExploit, Technical Description, Third Party Advisory
- https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilitiesExploit, Technical Description, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-11142?
How severe is CVE-2018-11142?
How do I fix CVE-2018-11142?
Are you affected by CVE-2018-11142?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST