7.5
CVE-2022-29808
- EPSS 0.6%
- Veröffentlicht 02.08.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:43
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIn Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Quest ≫ Kace Systems Management Appliance Version < 12.1.168
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.6% | 0.441 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-330 Use of Insufficiently Random Values
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
https://support.quest.com/kace-systems-management-appliance/kb/338163/quest-response-to-kace-sma-vulnerabilities-cve-2022-29808
https://support.quest.com/kb/338163