Browse all 3 CVE security advisories affecting Quest Kace. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Quest Kace provides endpoint management and security solutions for IT environments. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws. The platform's web interfaces and agent components have been primary targets. Notable characteristics include its widespread enterprise adoption and integration with IT infrastructure. Security incidents have involved authentication bypass and insecure default configurations. With three CVEs on record, Quest Kace represents a critical asset in many networks, requiring regular patching and hardening to mitigate risks. Its dual role as both security tool and potential attack surface makes it a focal point for defensive strategies.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-5404 | The Quest Kace K1000 Appliance is vulnerable to multiple Blind SQL Injections. — K1000 ApplianceCWE-89 | 6.5 | - | 2019-06-03 |
| CVE-2018-5405 | The Quest Kace K1000 Appliance is vulnerable to JavaScript injection. — K1000 ApplianceCWE-79 | 5.4 | - | 2019-06-03 |
| CVE-2018-5406 | The Quest Kace K1000 Appliance misconfigures the Cross-Origin Resource Sharing (CORS) mechanism. — K1000 ApplianceCWE-284 | 8.8 | - | 2019-06-03 |
This page lists every published CVE security advisory associated with Quest Kace. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.