5
CVE-2011-1672
- EPSS 2.5%
- Veröffentlicht 10.04.2011 02:55:01
- Zuletzt bearbeitet 16.06.2026 23:29:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Kace K2000 Systems Deployment Appliance Version <= 3.3.36822
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.5% | 0.826 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://www.kace.com/support/kb/index.php?action=artikel&cat=1&id=1104
http://www.kb.cert.org/vuls/id/598700
http://www.securityfocus.com/bid/47172
http://www.vupen.com/english/advisories/2011/0883
https://exchange.xforce.ibmcloud.com/vulnerabilities/66630