Lucene search
K
KaseyaVirtual System Administrator

8 matches found

CVE
CVE
added 2019/02/05 5:0 a.m.985 views

CVE-2018-20753

Summary : CVE-2018-20753 affects Kaseya VSA RMM on-premises. Vulnerable versions : RMM before 9.3.0.35, before 9.4.0.36, and before 9.5.0.5. Impact : unprivileged remote attackers can execute PowerShell payloads on all managed devices. Exploitation note : attackers were active in the wild in Janu...

9.8CVSS9.5AI score0.29551EPSS
In wild
CVE
CVE
added 2018/03/26 9:0 p.m.118 views

CVE-2017-12410

Kaseya VSA Agent

7.4CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2015/07/20 11:0 p.m.92 views

CVE-2015-2863

Kaseya Virtual System Administrator (VSA) Open Redirect (CVE-2015-2863) affects VSA 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4. An attacker can redirect users to arbitrary sites to facilitate phishing via unspecified vectors. Remediation per sources: app...

4.3CVSS6.7AI score0.10317EPSS
In wild
CVE
CVE
added 2020/02/13 8:11 p.m.79 views

CVE-2015-6589

CVE-2015-6589 is a directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) affecting versions 7.0.0.0–7.0.0.32, 8.0.0.0–8.0.0.22, 9.0.0.0–9.0.0.18, and 9.1.0.0–9.1.0.8/9.1.0.9 (pre-patch). The issue arises from insufficient restrictions on file paths to json.ashx, allowing ...

8.8CVSS9AI score0.13577EPSS
CVE
CVE
added 2015/07/20 11:0 p.m.72 views

CVE-2015-2862

CVE-2015-2862 affects Kaseya Virtual System Administrator (VSA). A directory traversal vulnerability allows remote authenticated users to read arbitrary files via a crafted HTTP request. Affected VSA versions are 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0....

4CVSS8.6AI score0.09481EPSS
CVE
CVE
added 2020/02/17 6:0 p.m.56 views

CVE-2015-6922

CVE-2015-6922 details (Kaseya VSA): Versions 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 fail to properly authenticate, enabling remote bypass of login. Two impacts are documented: (1) via LocalAuth/setAccount.aspx an administrative account can be created...

9.8CVSS9.6AI score0.82102EPSS
Web
CVE
CVE
added 2019/08/26 11:32 a.m.51 views

CVE-2019-15506

Kaseya Virtual System Administrator (VSA) up to 9.4.0.37 contains an information disclosure vulnerability. An unauthenticated attacker can issue properly formatted web requests and download sensitive files and information. The /DATAREPORTS directory (and other directories) can be exploited to har...

7.8CVSS7.3AI score0.01811EPSS
CVE
CVE
added 2014/07/14 9:0 p.m.48 views

CVE-2014-2926

CVE-2014-2926 affects Kaseya Virtual System Administrator (VSA) with kapfa.sys vulnerable to a NULL pointer dereference. Versions affected: VSA 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16. Local authenticated attackers could cause a denial of service (and, per CERT, potentially code execution in ...

1.7CVSS6.4AI score0.0033EPSS