Intrusion PreventionQuest.KACE.System.Management.Unauthenticated.Function.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Quest KACE System Management Appliance.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.
Affected Products
Quest KACE System Management Appliance 7.0.121306 and prior
Quest KACE System Management Appliance 7.1.149 and prior
Quest KACE System Management Appliance 7.2.103 and prior
Quest KACE System Management Appliance 8.0.319 and prior
Quest KACE System Management Appliance 8.1.107 and prior
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.quest.com/kace-systems-management-appliance/kb/254193/security-vulnerability-patch-sec2018_20180410-
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-06 | 14.627 | Severity:critical:medium |
| ID | 46294 |
| Created | Jul 05, 2018 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2018-11142 |
| Exploit Prediction Score | 0.04% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |