Sensitive Information Disclosure in Dell KACE K2000 Systems Deployment Appliance
CVE-2011-1672 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.
Learn more about our Web Application Penetration Testing UK.