A researcher has uncovered a pair of vulnerabilities in the Kaseya VSA IT management platform, including an open redirect that could be used to force users to visit an attacker-controlled site.
Kaseya VSA is a platform designed to handle a wide variety of IT management tasks, including audit, inventory, security, patch management, backup and recovery, and others. The company has customers in a number of different industries, and VSA is its flagship product.
The CERT Division at Carnegie Mellon University said in a vulnerability bulletin that the vulnerabilities affect several versions of VSA, including R9.1, R9, R8, and version 7.0. Of the two vulnerabilities, the open redirect is the only one that can be exploited by an unauthenticated attacker.
“Kaseya VSA, versions V7.x, R8.x and R9.x, contain an open redirect vulnerability. An attacker may be able to leverage users’ trust in the domain to induce them to visit a site with malicious content,” the CERT bulletin says.
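The open redirect class the bulletin describes is the case where a login or "return to" parameter is passed straight to a redirect without checking where it points. The following is an added example of the usual fix, not code from Kaseya or from the CERT bulletin: a validator that only allows relative paths on the same site or absolute URLs whose host is on an allow-list. The host name `vsa.example.com` and the parameter names are constructed assumptions for illustration.

```python
from urllib.parse import urlparse

# Hosts this application is willing to redirect to. Constructed example value,
# not taken from Kaseya VSA or the CERT bulletin.
ALLOWED_HOSTS = {"vsa.example.com"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if `target` stays on this site or on an allow-listed host.

    Rejects scheme-relative URLs ("//evil.example"), backslash variants that
    browsers normalise to a slash ("/\\evil.example"), non-http(s) schemes
    ("javascript:"), control characters, and userinfo tricks
    ("https://vsa.example.com@evil.example/").
    """
    if not target:
        return False
    # Control characters are stripped or ignored by browsers in ways that
    # can change the effective host, so refuse them outright.
    if any(ord(c) < 0x20 for c in target):
        return False
    target = target.strip()
    if "\\" in target or target.startswith("//"):
        return False
    parsed = urlparse(target)
    if not parsed.scheme and not parsed.netloc:
        # Plain relative path: only accept a single leading slash.
        return target.startswith("/")
    if parsed.scheme not in ("http", "https"):
        return False
    # hostname is the real host after userinfo/port are stripped, so
    # "https://vsa.example.com@evil.example/" resolves to evil.example here.
    return parsed.hostname in allowed_hosts


def safe_redirect_target(target: str, fallback: str = "/") -> str:
    """Return `target` if it passes validation, otherwise a known-safe fallback."""
    return target if is_safe_redirect(target) else fallback


if __name__ == "__main__":
    for candidate in ["/dashboard", "https://vsa.example.com/login",
                      "//evil.example", "https://evil.example/phish",
                      "javascript:alert(1)"]:
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)}")
```

The fallback-to-a-fixed-path design is deliberate: on a rejected value the user still lands somewhere sensible instead of receiving an error page, and the application never echoes the untrusted string back in a `Location` header.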
The other vulnerability that Kaseya patched is a path traversal bug.
“An authenticated attacker can traverse directories and download arbitrary files by submitting a specially crafted HTTP request to the server hosting the VSA software,” the bulletin says.
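The path traversal class the bulletin describes arises when a client-supplied file name is joined onto a download directory without confirming that the result still lies inside that directory. The following is an added example of the standard containment check, not Kaseya's code and not derived from the bulletin: it resolves the joined path (following symlinks and collapsing `..`) and then verifies it is still under the base directory. The `demo()` function builds a throwaway directory with one constructed file so the check can be exercised offline; all file names in it are constructed.

```python
import tempfile
from pathlib import Path, PurePosixPath, PureWindowsPath
from typing import Optional


def resolve_download(base_dir: str, requested: str) -> Optional[Path]:
    """Map a client-supplied relative name onto a file under base_dir.

    Returns the resolved Path, or None if the name would escape base_dir.
    `requested` is assumed to be already URL-decoded exactly once; decode
    first, then validate, so encoded separators cannot slip past the check.
    """
    if not requested or "\x00" in requested:
        return None
    # Windows treats backslashes as separators, so normalise them before
    # checking, and refuse absolute paths or drive-letter forms on either
    # convention.
    normalised = requested.replace("\\", "/")
    if (PurePosixPath(normalised).is_absolute()
            or PureWindowsPath(normalised).is_absolute()):
        return None
    base = Path(base_dir).resolve()
    # resolve() collapses ".." and follows symlinks, so the containment
    # check below sees the real target rather than the requested spelling.
    candidate = (base / normalised).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    return candidate


def demo() -> dict:
    """Constructed scenario: a download root holding one legitimate report.

    Returns a mapping of requested name -> whether the check allowed it.
    """
    root = tempfile.mkdtemp()
    (Path(root) / "reports").mkdir()
    (Path(root) / "reports" / "audit.csv").write_text("id,host\n1,ws01\n")
    requests = [
        "reports/audit.csv",            # legitimate
        "reports/./audit.csv",          # harmless dot segment
        "../../etc/passwd",             # classic traversal
        "reports/../../../etc/passwd",  # traversal hidden behind a valid prefix
        "..\\..\\windows\\win.ini",     # backslash variant
        "/etc/passwd",                  # absolute path
    ]
    return {name: resolve_download(root, name) is not None for name in requests}


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name!r:35} -> {'allowed' if allowed else 'rejected'}")
```

Resolving before comparing is the important step: a naive `".." not in requested` filter misses symlinks and is easy to get wrong, whereas comparing the canonical path against the canonical base is a single, checkable rule.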