4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.1%
Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
id: CVE-2015-2863
info:
name: Kaseya Virtual System Administrator - Open Redirect
author: 0x_Akoko,AmirHossein Raeisi
severity: medium
description: |
Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
remediation: |
Apply the latest security patches and updates provided by Kaseya to fix the open redirect vulnerability in the Kaseya Virtual System Administrator (VSA).
reference:
- https://github.com/pedrib/PoC/blob/3f927b957b86a91ce65b017c4b9c93d05e241592/advisories/Kaseya/kaseya-vsa-vuln.txt
- http://www.kb.cert.org/vuls/id/919604
- https://nvd.nist.gov/vuln/detail/CVE-2015-2863
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ARPSyndicate/cvemon
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
cvss-score: 4.3
cve-id: CVE-2015-2863
cwe-id: CWE-601
epss-score: 0.00626
epss-percentile: 0.76747
cpe: cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: kaseya
product: virtual_system_administrator
tags: cve2015,cve,redirect,kaseya
http:
- method: GET
path:
- '{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me'
- '{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me'
stop-at-first-match: true
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/idfD2e/1
# digest: 490a0046304402204d2a37c6eb68a653c40afd87277f8343eb3e10c0bdd4316cd611f7ebc1e852ba022079d43910950fd7200f43f450956b7541df0fe79b603c2941ddc6ac3e7a2bb177:922c64590222798bb761d5b6d8e72950