Vulnerabilities > Kaseya > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-06 | CVE-2021-43044 | Use of Hard-coded Credentials vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
2021-12-06 | CVE-2021-43042 | Classic Buffer Overflow vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
2021-12-06 | CVE-2021-43036 | Weak Password Requirements vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
2021-12-06 | CVE-2021-43035 | SQL Injection vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
2021-12-06 | CVE-2021-43033 | OS Command Injection vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
2021-09-01 | CVE-2021-40387 | Unspecified vulnerability in Kaseya Unitrends Backup Software An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. | 9.0 |
2021-09-01 | CVE-2021-40385 | Unspecified vulnerability in Kaseya Unitrends Backup Software An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. | 9.0 |
2021-07-09 | CVE-2021-30118 | Unrestricted Upload of File with Dangerous Type vulnerability in Kaseya VSA An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leading to RCE. | 10.0 |
2021-07-09 | CVE-2021-30116 | Insufficiently Protected Credentials vulnerability in Kaseya VSA Agent and VSA Server Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. | 9.8 |
2017-08-07 | CVE-2017-12477 | Improper Authentication vulnerability in Kaseya Unitrends Backup It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. | 10.0 |