CVE-2018-11139 is a vulnerability in Quest Software Kace System Management Appliance
Published on May 31, 2018

The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. This script is vulnerable to command injection via the unsanitized user input 'TEST_SERVER' sent to the script via the POST method.

NVD

Products Associated with CVE-2018-11139

Want to know whenever a new CVE is published for Quest Software Kace System Management Appliance? stack.watch will email you.

Quest Software Kace System Management Appliance

Exploit Probability

EPSS

25.18%

Percentile

96.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-11139 is a vulnerability in Quest Software Kace System Management AppliancePublished on May 31, 2018

Products Associated with CVE-2018-11139

Exploit Probability

CVE-2018-11139 is a vulnerability in Quest Software Kace System Management Appliance
Published on May 31, 2018