Security Advisory

CVE-2025-32978

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-24 00:00:00

Last updated 2025-11-03 19:53:54

Assigner mitre

State PUBLISHED

Description

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system licenses through a web interface intended for license renewal. Attackers can exploit this to replace valid licenses with expired or trial licenses, causing denial of service.

← Browse all CVEs View on cve.org ↗