RSS   Vulnerabilities for 'On-premise'   RSS

2020-04-21
 
CVE-2020-10569

CWE-434
 

 
SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack.

 

 >>> Vendor: Sysaid 5 Products
Sysaid
On-premise
Sysaid on-premises
Sysaidsy on-premises
Application programming interface


Copyright 2022, cxsecurity.com

 

Back to Top