Vulnerabilities > Kaseya
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-07 | CVE-2017-12478 | Improper Authentication vulnerability in Kaseya Unitrends Backup It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. | 10.0 |
| 2017-08-07 | CVE-2017-12477 | Improper Authentication vulnerability in Kaseya Unitrends Backup It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. | 10.0 |
| 2015-07-20 | CVE-2015-2863 | Open Redirection vulnerability in Kaseya Virtual System Administrator Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. network kaseya | 4.3 |
| 2015-07-20 | CVE-2015-2862 | Path Traversal vulnerability in Kaseya Virtual System Administrator Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request. | 4.0 |
| 2014-07-14 | CVE-2014-2926 | Unspecified vulnerability in Kaseya Virtual System Administrator 6.5/7.0 kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | 1.7 |