Vulnerability Note VU#135606
Dell KACE K2000 Appliance contains backdoor administrator account
The Dell KACE K2000 System Deployment Appliance contains a hidden administrator account that could allow a remote attacker to take control of an affected device.
The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale operating systems deployment. Some versions of the product contain a backdoor administrator account with a fixed password, accessible via the administrative web interface of the device. Furthermore, the backdoor account is not visible from, and cannot be removed via the appliance's administrative web interface.
A remote attacker could login to an affected device with administrative privileges. Secondary impacts include: the ability to make configuration changes, modification of existing deployment/recovery images, access to sensitive information, and the ability to mount further attacks (e.g., execute arbitrary commands with elevated privileges).
Apply an update
The Dell KACE K2000 Deployment Appliance version 3.7 removed this hidden administrator account. Affected users are encouraged to update as soon as possible to version 3.7 or later.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Dell Computer Corporation, Inc.||Affected||08 Jun 2011||08 Nov 2011|
CVSS Metrics (Learn More)
Thanks to Tenable Network Security for reporting this vulnerability.
This document was written by Chad Dougherty.
- CVE IDs: CVE-2011-4046
- Date Public: 03 Nov 2011
- Date First Published: 08 Nov 2011
- Date Last Updated: 30 Sep 2015
- Severity Metric: 33.84
- Document Revision: 25
If you have feedback, comments, or additional information about this vulnerability, please send us email.