漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quest KACE Desktop Authority 代码问题漏洞
Vulnerability Description
Quest KACE Desktop Authority是美国Quest公司的一款桌面管理软件。 Quest KACE Desktop Authority 11.2 之前的版本中存在安全漏洞,该漏洞允许攻击者通过 ASP.NET AJAX 的 RadAsyncUpload 函数中的反序列化漏洞执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A