XSS Vulnerability in Dell KACE K1000 Management Appliance
CVE-2014-0330

Currently unrated

Key Information:

Vendor

Dell
Status
Kace K1000 Systems Management Appliance Software
Kace K1000 Systems Management Appliance
Vendor
CVE Published:
6 February 2014

What is CVE-2014-0330?

A cross-site scripting vulnerability exists in the adminui/user_list.php component of the Dell KACE K1000 management appliance version 5.5.90545. This flaw allows remote attackers to inject arbitrary web scripts or HTML content by manipulating the LABEL_ID parameter. Successful exploitation may lead to session hijacking or unauthorized actions performed on behalf of the victims.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/65333
vdb-entryx_refsource_BID
http://osvdb.org/102855
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/90954
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.