Sysaid vulnerabilities
32 known vulnerabilities affecting sysaid/sysaid.
Total CVEs
32
CISA KEV
3
actively exploited
Public exploits
16
Exploited in wild
4
Severity breakdown
CRITICAL7HIGH10MEDIUM15
Vulnerabilities
Page 1 of 2
CVE-2023-47246P1CRITICALCVSS 9.8KEVPoCRansomwarefixed in 23.3.362023-11-10
CVE-2023-47246 [CRITICAL] CWE-22 CVE-2023-47246: In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
nvd
CVE-2025-2776P1CRITICALCVSS 9.8KEVPoC≤ 23.3.402025-05-07
CVE-2025-2776 [CRITICAL] CWE-611 CVE-2025-2776: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vu
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.
nvd
CVE-2025-2775P1HIGHCVSS 7.5KEVPoC≤ 23.3.402025-05-07
CVE-2025-2775 [HIGH] CWE-611 CVE-2025-2775: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vu
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.
nvd
CVE-2025-2777P1CRITICALCVSS 9.8ExploitedPoC≤ 23.3.402025-05-07
CVE-2025-2777 [CRITICAL] CWE-611 CVE-2025-2777: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vu
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.
nvd
CVE-2015-2996P2HIGHCVSS 8.5PoC≤ 15.12015-06-08
CVE-2015-2996 [HIGH] CWE-22 CVE-2015-2996: Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot dot) in the fileName parameter to calculateRdsFileChecksum.
nvd
CVE-2015-2993P2HIGHCVSS 7.5PoC≤ 15.12015-06-08
CVE-2015-2993 [HIGH] CWE-264 CVE-2015-2993: SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allow
SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allows remote attackers to (1) create administrator accounts via a crafted request to /createnewaccount or (2) write to arbitrary files via the fileName parameter to /userentry.
nvd
CVE-2015-2994P2MEDIUMCVSS 6.5PoC≤ 15.12015-06-08
CVE-2015-2994 [MEDIUM] CVE-2015-2994: Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows rem
Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators to execute arbitrary code by uploading a file with a .jsp extension, then accessing it via a direct request to the file in icons/user_photo/.
nvd
CVE-2015-2995P2MEDIUMCVSS 6.8PoC≤ 15.12015-06-08
CVE-2015-2995 [MEDIUM] CWE-22 CVE-2015-2995: The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, wh
The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the extension, as demonstrated by a .war%00 file.
nvd
CVE-2015-3000P3HIGHCVSS 7.8PoC≤ 15.12015-06-08
CVE-2015-3000 [HIGH] CWE-399 CVE-2015-3000: SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory co
SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2) /rdsmonitoringresponse, or (3) /androidactions, aka an XML Entity Expansion (XEE) attack.
nvd
CVE-2015-2998P3MEDIUMCVSS 5.0PoC≤ 15.12015-06-08
CVE-2015-2998 [MEDIUM] CWE-200 CVE-2015-2998: SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attac
SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in WEB-INF/conf/serverConf.xml.
nvd
CVE-2015-2999P3MEDIUMCVSS 6.5PoC≤ 15.12015-06-08
CVE-2015-2999 [MEDIUM] CWE-89 CVE-2015-2999: Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators t
Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to /genericreport, customSQL parameter in a (2) TopAdministratorsByAverageTimer report or an (3) ActiveRequests report to /genericreport, (4) dir parameter to He
nvd
CVE-2015-2997P3MEDIUMCVSS 5.0PoC≤ 15.12015-06-08
CVE-2015-2997 [MEDIUM] CWE-200 CVE-2015-2997: SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid
SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal sequence, which reveals the installation path in an error message.
nvd
CVE-2024-36394P2CRITICALCVSS 9.8≤ 23.3.38≥ All versions, ≤ 23.3.382024-06-06
CVE-2024-36394 [CRITICAL] CWE-78 CVE-2024-36394: SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Inje
SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
nvd
CVE-2021-31862P3MEDIUMCVSS 6.1PoCv20.4.742021-10-29
CVE-2021-31862 [MEDIUM] CWE-79 CVE-2021-31862: SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.
SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.
nvd
CVE-2022-22796P3CRITICALCVSS 9.8fixed in 21.1.30fixed in 21.4.45+2 more2022-05-12
CVE-2022-22796 [CRITICAL] CWE-287 CVE-2022-22796: Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to:
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will redirect you to /home.jsp without any authentication.
nvd
CVE-2024-36393P2CRITICALCVSS 9.8≤ 23.3.38≥ All versions, ≤ 23.3.382024-06-06
CVE-2024-36393 [CRITICAL] CWE-89 CVE-2024-36393: SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'
SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
nvd
CVE-2014-9436P3MEDIUMCVSS 5.0PoC≤ 14.42015-01-02
CVE-2014-9436 [MEDIUM] CWE-22 CVE-2014-9436: Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to
Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.
nvd
CVE-2015-3001P3MEDIUMCVSS 5.0PoC≤ 15.12015-06-08
CVE-2015-3001 [MEDIUM] CWE-255 CVE-2015-3001: SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express us
SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.
nvd
CVE-2021-43973P3HIGHCVSS 8.8v20.4.742022-01-11
CVE-2021-43973 [HIGH] CWE-434 CVE-2021-43973: An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a r
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file.
nvd
CVE-2022-23166P3CRITICALCVSS 9.8fixed in 22.1.64fixed in 22.2.20+2 more2022-05-12
CVE-2022-23166 [CRITICAL] CWE-22 CVE-2022-23166: Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the LFI] Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version.
nvd
1 / 2Next →