Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell KACE K2000 Systems Deployment Appliance信息泄露漏洞
Vulnerability Description
Dell KACE K2000 Systems Deployment Appliance 3.3.36822及之前版本中存在信息泄露漏洞。由于该装置对共享文件创建了隐藏的、匿名的只读访问, 并使用在根文件("unattend.xml"和"sysprep.inf")中存储的Windows账户证书向计算机加入域名,远程认证攻击者可利用该漏洞泄露Windows证书和共享文件的内容。
CVSS Information
N/A
Vulnerability Type
N/A