The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code.
http://www.kace.com/support/kb/index.php?action=artikel&id=1120&artlang=en
OR
cpe:2.3:h:dell:kace_k2000_systems_deployment_appliance:*:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
72416 | Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities | Nessus | CGI abuses | high |
56754 | Dell KACE K2000 Web Backdoor Account | Nessus | CGI abuses | high |