CVSS: 9.8EPSS: 96%CPEs: 1EXPL: 3CVE-2023-47246 – SysAid Server Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2023-47246
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. En SysAid On-Premise anterior al 23.3.36, una vulnerabilidad de path traversal conduce a la ejecución de código después de que un atacante escribe un archivo en la raíz web de Tomcat, tal como se explotó en noviembre de 2023. SysAid Server (on-premises version) contains a path traversal vulnerability that leads to code execution. • https://github.com/W01fh4cker/CVE-2023-47246-EXP https://github.com/tucommenceapousser/CVE-2023-47246 https://documentation.sysaid.com/docs/latest-version-installation-files https://documentation.sysaid.com/docs/on-premise-security-enhancements-2023 https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32226 – Sysaid - CWE-552: Files or Directories Accessible to External Parties
https://notcve.org/view.php?id=CVE-2023-32226
Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32225 – Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type
https://notcve.org/view.php?id=CVE-2023-32225
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 38EXPL: 1CVE-2020-13168
https://notcve.org/view.php?id=CVE-2020-13168
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter. SysAid versión 20.1.11b26, permite un ataque de tipo XSS reflejado por medio del parámetro accountid del archivo ForgotPassword.jsp • https://github.com/lodestone-security/CVEs/tree/master/CVE-2020-13168 https://www.sysaid.com/product/on-premise/latest-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •