Lucene search

CertccCVE-2015-2863

HistoryJul 20, 2015 - 11:59 p.m.

CVE-2015-2863

2015-07-2023:59:01

certcc

web.nvd.nist.gov

cve-2015-2863

kaseya vsa

open redirect vulnerability

phishing attacks

security advisory

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Nvd

Node

kaseyavirtual_system_administratorRange7.0–7.0.0.29

kaseyavirtual_system_administratorRange8.0–8.0.0.18

kaseyavirtual_system_administratorRange9.0–9.0.0.14

kaseyavirtual_system_administratorRange9.1–9.1.0.4

VendorProductVersionCPE
kaseyavirtual_system_administrator*cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kaseya	virtual_system_administrator	*	cpe:2.3:a:kaseya:virtual_system_administrator::::::::

References

www.kb.cert.org/vuls/id/919604

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Related for CVE-2015-2863