Kaseya Virtual System Administrator (VSA) 7.x before, 8.x before, 9.0 before, and 9.1 before does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.
Published 2020-02-17 18:15:12
Updated 2020-02-26 15:21:41
Source MITRE
View at NVD,   CVE.org
Vulnerability category: BypassGain privilege

Exploit prediction scoring system (EPSS) score for CVE-2015-6922

Probability of exploitation activity in the next 30 days EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2015-6922

  • Kaseya VSA uploader.aspx Arbitrary File Upload
    Disclosure Date: 2015-09-23
    First seen: 2020-04-26
    This module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This module has been
  • Kaseya VSA Master Administrator Account Creation
    Disclosure Date: 2015-09-23
    First seen: 2020-04-26
    This module abuses the setAccount page on Kaseya VSA between 7 and 9.1 to create a new Master Administrator account. Normally this page is only accessible via the localhost interface, but the application does nothing to prevent this apart from attempting to f

CVSS scores for CVE-2015-6922

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen

CWE ids for CVE-2015-6922

  • When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-6922

Products affected by CVE-2015-6922

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!