RSS   Vulnerabilities for 'VSA'   RSS

2021-07-09
 
CVE-2021-30116

CWE-522
 

 
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.

 
 
CVE-2021-30117

CWE-89
 

 
SQL injection exists in Kaseya VSA before 9.5.6.

 
 
CVE-2021-30118

NVD-CWE-noinfo
 

 
Kaseya VSA before 9.5.5 allows remote code execution.

 
 
CVE-2021-30119

CWE-79
 

 
Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7.

 
 
CVE-2021-30120

CWE-863
 

 
Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement.

 
 
CVE-2021-30121

CWE-829
 

 
Local file inclusion exists in Kaseya VSA before 9.5.6.

 
 
CVE-2021-30201

CWE-611
 

 
An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6.

 

 >>> Vendor: Kaseya 3 Products
Virtual system administrator
VSA
Unitrends backup software


Copyright 2021, cxsecurity.com

 

Back to Top