CVE-2011-1672

Published: Apr 10, 2011Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.

Affected (1)

Products: Dell: Kace K2000 Systems Deployment Appliance

1 product

Kace K2000 Systems Deployment Appliance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Kace K2000 Systems Deployment Appliance	Up to 3.3.36822

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://www.kace.com/support/kb/index.php?action=artikel&cat=1&id=1104

Source: cve@mitre.org

Vendor Advisory

http://www.kb.cert.org/vuls/id/598700

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/47172

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0883

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/66630

Source: cve@mitre.org

http://www.kace.com/support/kb/index.php?action=artikel&cat=1&id=1104

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.kb.cert.org/vuls/id/598700

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/47172

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0883

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/66630

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.