SysAid Technologies SysAid On-Premise Code Issue Vulnerability

SysAid Technologies SysAid is a suite of IT service management solutions from SysAid Technologies, Israel SysAid On-Premise is a locally installed version of SysAid. A security vulnerability exists in the AJP protocol port in SysAid Technologies SysAid On-Premise version 20.1.11. An attacker coul...

PT-2020-12210 · Sysaid · Sysaid On-Premise

Name of the Vulnerable Software and Affected Versions: SysAid On-Premise version 20.1.11 Description: The issue allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. This is possible because, by default, the AJP...