CVE-2015-2862

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://www.kb.cert.org/vuls/id/919604 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*
cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*
cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*
cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*
Information

Published : 2015-07-20 16:59

Updated : 2019-02-05 11:25

NVD link : CVE-2015-2862

Mitre link : CVE-2015-2862

JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa
Products Affected

kaseya

  • virtual_system_administrator