CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-43037
https://notcve.org/view.php?id=CVE-2021-43037
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM. Se ha detectado un problema en Kaseya Unitrends Backup Appliance versiones anteriores a 10.5.5. El agente de Unitrends para Windows era vulnerable a una inyección de DLL y una siembra de binarios debido a permisos no seguros por defecto. • https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-2 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-43041
https://notcve.org/view.php?id=CVE-2021-43041
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application. Se ha detectado un problema en Kaseya Unitrends Backup Appliance versiones anteriores a 10.5.5. Una petición HTTP diseñada podría inducir una vulnerabilidad de cadena de formato en la aplicación privilegiada vaultServer • https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-2 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2021-43042
https://notcve.org/view.php?id=CVE-2021-43042
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker. Se ha detectado un problema en Kaseya Unitrends Backup Appliance versiones anteriores a 10.5.5. Se presentaba un desbordamiento del búfer en el componente vaultServer. • https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-43038
https://notcve.org/view.php?id=CVE-2021-43038
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The wguest account could execute commands by injecting into PostgreSQL trigger functions. This allowed privilege escalation from the wguest user to the postgres user. Se ha detectado un problema en Kaseya Unitrends Backup Appliance versiones anteriores a 10.5.5. La cuenta wguest podía ejecutar comandos inyectando en funciones de activación de PostgreSQL. • https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-43043
https://notcve.org/view.php?id=CVE-2021-43043
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule. Se ha detectado un problema en Kaseya Unitrends Backup Appliance versiones anteriores a 10.5.5. El usuario apache podía leer archivos arbitrarios como /etc/shadow al abusar de una regla Sudo no segura • https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-2 •