SysAid On-Premises Security Vulnerabilities - CVSS Score 9 - 10


CVE-2022-22796

SysAid – SysAid System Takeover - An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking the login button, which redirects to /home.jsp without any authentication.

9.8 CVSS

9.5 AI Score

0.002 EPSS

2022-05-12 08:15 PM

CVE-2022-23166

SysAid – SysAid Local File Inclusion (LFI) – An unauthenticated attacker can access the system via the "/lib/tinymce/examples/index.html" path. In the "Insert/Edit Embedded Media" window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to 22.2.20 cloud version, or t...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2022-05-12 08:15 PM

CVE-2023-32225

SysAid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.

9.8 CVSS

7 AI Score

0.001 EPSS

2023-07-30 08:15 AM

CVE-2023-47246

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.

9.8 CVSS

9.4 AI Score

0.961 EPSS

2023-11-10 06:15 AM
In Wild

CVE-2024-36393

SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

9.9 CVSS

8.2 AI Score

0.001 EPSS

2024-06-06 09:15 AM

CVE-2024-36394

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

9.8 CVSS

7.5 AI Score

0.001 EPSS

2024-06-06 09:15 AM