Unrated severityNVD Advisory· Published Dec 22, 2021· Updated Aug 4, 2024
CVE-2021-44029
CVE-2021-44029
Description
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Quest/KACE Desktop Authoritydescription
- Range: <11.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.