Known Vulnerabilities for products from Quest

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Quest".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2025-32975 json Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x b... Not Provided 2025-06-24 2026-04-21
CVE-2023-33254 json There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured creden... 6.5 - MEDIUM 2023-05-21 2023-05-26
CVE-2022-38220 json An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection... 6.1 - MEDIUM 2023-03-01 2023-03-06
CVE-2022-30285 json In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may a... 9.8 - CRITICAL 2022-08-02 2023-08-08
CVE-2022-29808 json In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is ... 7.5 - HIGH 2022-08-02 2022-08-10
CVE-2022-29807 json A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for rem... 9.8 - CRITICAL 2022-08-02 2022-08-10
CVE-2021-44031 json An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Ins... 9.8 - CRITICAL 2021-12-22 2021-12-28
CVE-2021-44030 json Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlP... 6.1 - MEDIUM 2021-12-22 2021-12-27
CVE-2021-44029 json An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote co... 9.8 - CRITICAL 2021-12-22 2022-01-03
CVE-2021-44028 json XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an at... 5.5 - MEDIUM 2021-12-22 2022-01-03
CVE-2020-35727 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 5.4 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35726 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 6.1 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35725 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 6.1 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35724 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 5.4 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35723 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 5.4 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35722 json ** UNSUPPORTED WHEN ASSIGNED ** CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to... 6.5 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35721 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 5.4 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35720 json ** UNSUPPORTED WHEN ASSIGNED ** Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious cod... 5.4 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35719 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious... 6.1 - MEDIUM 2021-01-11 2023-11-07
CVE-2020-35206 json ** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows at... 6.1 - MEDIUM 2021-01-11 2023-11-07
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Quest

Type Vendor Product Version
ApplicationQuestActiveroles Management Shell For Active Directory1.4.0.2139
ApplicationQuestApplication Integration Tool1.0.5
ApplicationQuestBenchmark Factory For Databases5.5.1.379
ApplicationQuestBig Brother System And Network Monitor Client1.8.4000
ApplicationQuestCapacity Manager For Oracle1.1.2
ApplicationQuestDisk Backup4.0
ApplicationQuestFoglight Evolve9.0.0
ApplicationQuestInstaller Logging3.0.1
ApplicationQuestIntrust10.1
ApplicationQuestIntrust Administrative Report Pack10.2.5.1024
ApplicationQuestIntrust Agent10.2.5.1024
ApplicationQuestIntrust Indexing Tool10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Cisco Pix Firewall And Checkpoint Firewall10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Hpux10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Audit Collection Services10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Excel10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Exchange Server10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Identity Integration Server10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Iis10.2.5.1024
ApplicationQuestIntrust Knowledge Pack For Microsoft Isa Server10.2.5.1024
Results limited to 20 most recent known configurations