CyberSec.Space Logo
Back to CVE Browser

CVE-2015-6922

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile29.76th
PublishedFeb 17, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.

Affected Platforms (CPE)

πŸ“¦
Kaseya

Virtual System Administrator

>= 7.0.0.0 and < 7.0.0.33
πŸ“¦
Kaseya

Virtual System Administrator

>= 8.0.0.0 and < 8.0.0.23
πŸ“¦
Kaseya

Virtual System Administrator

>= 9.0.0.0 and < 9.0.0.19
πŸ“¦
Kaseya

Virtual System Administrator

>= 9.1.0.0 and < 9.1.0.9

References & Advisories

πŸ”— http://packetstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.html
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-15-448
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-15-449
πŸ”— https://helpdesk.kaseya.com/entries/96164487--Kaseya-Security-Advisory
πŸ”— https://www.exploit-db.com/exploits/38351/
πŸ”— http://packetstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.html
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-15-448
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-15-449

Related Vulnerabilities

CVE-2006-068610.0

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new adminis...

CVE-2017-66409.8

A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log ...

CVE-2015-65898.8

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, ...

CVE-2017-63988.8

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execut...