CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2019-16517
https://notcve.org/view.php?id=CVE-2019-16517
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which reflected the Origin provided by incoming requests. This allowed JavaScript running on any domain to interact with the server APIs and perform administrative actions, without the victim's knowledge. Se detectó un problema en ConnectWise Control (anteriormente se conoce como ScreenConnect) versión 19.3.25270.7185. Se presenta una configuración inapropiada de CORS, que reflejó el Origen proporcionado por las peticiones entrantes. • https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34 https://know.bishopfox.com/advisories https://know.bishopfox.com/advisories/connectwise-control https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox • CWE-346: Origin Validation Error •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 2CVE-2019-16512
https://notcve.org/view.php?id=CVE-2019-16512
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier. Se detectó un problema en ConnectWise Control (anteriormente se conoce como ScreenConnect) versión 19.3.25270.7185. Se presenta una vulnerabilidad de tipo XSS almacenado en el modificador Appearance. • https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34 https://know.bishopfox.com/advisories https://know.bishopfox.com/advisories/connectwise-control https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2019-16513
https://notcve.org/view.php?id=CVE-2019-16513
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests. Se detectó un problema en ConnectWise Control (anteriormente se conoce como ScreenConnect) versión 19.3.25270.7185. Una vulnerabilidad de tipo CSRF puede ser usada para enviar peticiones de la API. • https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34 https://know.bishopfox.com/advisories https://know.bishopfox.com/advisories/connectwise-control https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2017-18362 – Kaseya VSA SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2017-18362
ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication. La integración ConnectWise ManagedITSync, hasta la versión 2017 para Kaseya VSA, es vulnerable a comandos remotos no autenticados que permiten el acceso directo completo a la base de datos de Kaseya VSA. En febrero de 2019, los atacantes se han aprovechado de este hecho "in the wild" de manera activa para descargar y ejecutar cargas útiles en todos los endpoints gestionados por el servidor VSA. • http://archive.today/rdkeQ https://github.com/kbni/owlky https://webcache.googleusercontent.com/search?q=cache:ZEo8ZRF_iEIJ:https://helpdesk.kaseya.com/hc/en-gb/articles/360022495572-Connectwise-API-Vulnerability+ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-11726
https://notcve.org/view.php?id=CVE-2017-11726
services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. services/system_io/actionprocessor/System.rails en ConnectWise Manage 2017.5 es vulnerable a Cross-Site Request Forgery (CSRF), tal y como se demuestra cuando se cambia la configuración de una dirección de correo. • https://becomepentester.blogspot.in/2017/07/ConnectWise-Manage-CSRF-CVE-2017-11726.html • CWE-352: Cross-Site Request Forgery (CSRF) •