CVE-2023-33254 (kace_systems_deployment_appliance)

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an attacker-controlled LDAP server, clicks the Test Settings button, and captures the cleartext credentials.

active directory authentication bind button clicks credentials cve deployment directory domain exploit exposure higher ldap may privilege server settings systems test user-authentication