Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS.
Summary

Title: Kaseya Virtual System Administrator contains multiple vulnerabilities

Information

Name: VU#919604
Vendor: VU-CERT
Severity (Vendor): N/A
First vendor Publication: 2015-07-13
Last vendor Modification: 2015-07-13
Revision: M

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact Sub Score: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score: 4.3
Cvss Impact Score: 2.9
Cvss Exploit Score: 8.6
Attack Range: Network
Attack Complexity: Medium
Authentication: None Required

Detail

Vulnerability Note VU#919604

Kaseya Virtual System Administrator contains multiple vulnerabilities

Original Release date: 13 Jul 2015 | Last revised: 13 Jul 2015

Overview

Kaseya Virtual System Administrator (VSA), versions R9 and possibly earlier, contains arbitrary file download and open redirect vulnerabilities.

Description

CWE-22: Improper Limitation of Pathname to a Restricted Directory ('Path Traversal') - CVE-2015-2862

Kaseya VSA is an IT management platform with a help desk ticketing system. An authenticated attacker can traverse directories and download arbitrary files by submitting a specially crafted HTTP request to the server hosting the VSA software.

CWE-601: URL Redirection to Untrusted Site ('Open Redirect') - CVE-2015-2863

Kaseya VSA, versions V7.x, R8.x and R9.x, contain an open redirect vulnerability. An attacker may be able to leverage users' trust in the domain to induce them to visit a site with malicious content.

The CVSS score below refers to CVE-2015-2862.

Impact

A remote, authenticated attacker can download arbitrary files. A remote, unauthenticated attacker may be able to redirect users to arbitrary web sites.
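As an added illustration of the two weakness classes described above (CWE-22 and CWE-601), not Kaseya's code and not the VSA handlers themselves, which the note does not show: the Python below contrasts a traversal-prone download path join with a canonicalising check, and validates a redirect target against a single trusted host. The attachment root, the host name and all request values are constructed assumptions.

```python
"""Added example for VU#919604: CWE-22 and CWE-601 as a weak check beside a
hardened one. DOWNLOAD_ROOT, OUR_HOST and all request values are constructed
for illustration; none of this is Kaseya VSA code."""
import posixpath
from typing import Optional
from urllib.parse import unquote, urlsplit

DOWNLOAD_ROOT = "/srv/vsa/attachments"   # assumed attachment directory
OUR_HOST = "vsa.example.com"            # assumed host of the VSA web UI


def vulnerable_download_path(requested: str) -> str:
    """CWE-22 pattern: the client-supplied name is joined to the root without
    canonicalisation, so '../' segments walk out of the directory."""
    return posixpath.join(DOWNLOAD_ROOT, unquote(requested))


def safe_download_path(requested: str) -> Optional[str]:
    """Decode once, canonicalise lexically, then require the result to stay
    strictly below DOWNLOAD_ROOT. Absolute paths, '..' escapes and the root
    itself are rejected (None). On a live server also resolve symlinks with
    os.path.realpath before serving the file."""
    candidate = posixpath.normpath(posixpath.join(DOWNLOAD_ROOT, unquote(requested)))
    if not candidate.startswith(DOWNLOAD_ROOT + "/"):
        return None
    return candidate


def safe_redirect_target(target: str) -> str:
    """CWE-601 mitigation: follow only site-local paths ('/...') or absolute
    http(s) URLs whose host is OUR_HOST; everything else (foreign hosts,
    '//host' protocol-relative forms, backslash variants, other schemes)
    is replaced by the landing page."""
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        if parts.scheme in ("http", "https") and parts.hostname == OUR_HOST:
            return target
        return "/"
    if not target.startswith("/") or target.startswith(("//", "/\\")):
        return "/"
    return target


if __name__ == "__main__":
    for name in ("tickets/1234/report.pdf", "../../../etc/passwd", "%2e%2e/%2e%2e/win.ini"):
        print(f"{name!r:32} naive={vulnerable_download_path(name)!r} safe={safe_download_path(name)!r}")
    for url in ("/dashboard", "//evil.example/x", "https://vsa.example.com/login"):
        print(f"{url!r:32} -> {safe_redirect_target(url)!r}")
```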

Solution

Apply an update

The vendor has released the following patches to address these issues:

  • R9.1: install patch 9.1.0.4
  • R9.0: install patch 9.0.0.14
  • R8.0: install patch 8.0.0.18
  • V7.0: install patch 7.0.0.29

Vendor Information (Learn More)

Vendor: Kaseya, Inc.
Status: Unknown
Date Notified: 27 Apr 2015
Date Updated: 27 Apr 2015
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Base: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Temporal: 3.4 (E:POC/RL:OF/RC:C)
Environmental: 2.5 (CDP:N/TD:M/CR:ND/IR:ND/AR:ND)

References

  • http://www.kaseya.com/solutions/virtual-administrator
  • http://cwe.mitre.org/data/definitions/22.html
  • http://cwe.mitre.org/data/definitions/601.html

Credit

Thanks to Pedro Ribeiro (pedrib@gmail.com) of Agile Information Security for reporting these vulnerabilities.

This document was written by Joel Land.

Other Information

  • CVE IDs: CVE-2015-2862, CVE-2015-2863
  • Date Public: 13 Jul 2015
  • Date First Published: 13 Jul 2015
  • Date Last Updated: 13 Jul 2015
  • Document Revision: 13

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/919604

CWE : Common Weakness Enumeration

CWE-22 (100%): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type: Application, Count: 3

Alert History

  • 2015-07-22 05:38:27: Multiple Updates
  • 2015-07-21 05:28:22: Multiple Updates
  • 2015-07-13 21:25:51: First insertion