Vulnerability Details CVE-2017-12567
SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-12567
-
cpe:2.3:a:quest:k1000_as_a_service:7.0
-
cpe:2.3:a:quest:k1000_as_a_service:7.0.121306
-
cpe:2.3:a:quest:k1000_as_a_service:7.1
-
cpe:2.3:a:quest:k1000_as_a_service:7.1.149
-
cpe:2.3:a:quest:k1000_as_a_service:7.2
-
cpe:2.3:a:quest:kace_asset_management_appliance:6.4.120822
-
cpe:2.3:a:quest:kace_asset_management_appliance:7.0
-
cpe:2.3:a:quest:kace_asset_management_appliance:7.0.121306
-
cpe:2.3:a:quest:kace_asset_management_appliance:7.1
-
cpe:2.3:a:quest:kace_asset_management_appliance:7.1.149
-
cpe:2.3:a:quest:kace_asset_management_appliance:7.2
-
cpe:2.3:a:quest:kace_systems_management_appliance:6.4.120822
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.0
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.0.121306
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.1
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.1.149
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.2
-
cpe:2.3:a:quest:kace_systems_management_appliance:7.2.101