Vulnerabilities > CVE-2017-12479 - Unspecified vulnerability in Kaseya Unitrends Backup

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

kaseya

critical

exploit available

NVD

Published: 2017-08-07

Updated: 2021-12-06

Summary

It was discovered that an issue in the session logic in Unitrends Backup (UB) before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute arbitrary commands with root privileges.

Vulnerable Configurations

Part	Description	Count
Application	Kaseya Kaseya Unitrends Backup 1.7.1H Kaseya Unitrends Backup 2.1.0 Kaseya Unitrends Backup 4.2.2 Kaseya Unitrends Backup 6.0.0 Kaseya Unitrends Backup 6.3.0 Kaseya Unitrends Backup 7.4.0 Kaseya Unitrends Backup 9.0 Kaseya Unitrends Backup 9.1	8

Exploit-Db

description	Unitrends UEB 9.1 - Privilege Escalation. CVE-2017-12479. Webapps exploit for PHP platform
id	EDB-ID:42959
last seen	2017-10-06
modified	2017-08-08
published	2017-08-08
reporter	Exploit-DB
source	https://www.exploit-db.com/download/42959/
title	Unitrends UEB 9.1 - Privilege Escalation

Packetstorm

data source	https://packetstormsecurity.com/files/download/144513/unitrendsueb91-escalate.txt
id	PACKETSTORM:144513
last seen	2017-10-08
published	2017-10-04
reporter	Benny Husted
source	https://packetstormsecurity.com/files/144513/Unitrends-UEB-9.1-Privilege-Escalation.html
title	Unitrends UEB 9.1 Privilege Escalation

References

https://support.unitrends.com/UnitrendsBackup/s/article/000005757