Quest Kace Desktop Authority — known CVE vulnerabilities
Every CVE whose affected-product data names Quest Kace Desktop Authority, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-44029 — CVSS 9.8 (critical): An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a…
CVE-2021-44031 — CVSS 9.8 (critical): An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx…
CVE-2021-44030 — CVSS 6.1 (medium): Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter…
CVE-2021-44028 — CVSS 5.5 (medium): XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a…
CVE-2025-67813 — CVSS 5.3 (medium): Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication