4 matches found
Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software
Last week cybercriminals deployed ransomware to 1,500 organizations, including many that provide IT security and technical support to other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large...
CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request...
CVE-2015-2862
CVE-2015-2862 affects Kaseya Virtual System Administrator (VSA). A directory traversal vulnerability allows remote authenticated users to read arbitrary files via a crafted HTTP request. Affected VSA versions are 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0....
Kaseya Virtual System Administrator contains multiple vulnerabilities
Overview Kaseya Virtual System Administrator VSA, versions R9 and possibly earlier, contains arbitrary file download and open redirect vulnerabilities. Description CWE-22: Improper Limitation of Pathname to a Restricted Directory 'Path Traversal' - CVE-2015-2862Kaseya VSA is an IT management...