CVE-2021-30121 - OpenCVE

Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Kaseya	Vsa

Configuration 1 [-]

cpe:2.3:a:kaseya:vsa:*:*:*:*:-:*:*:*

References

Link	Resource
https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/	Patch Third Party Advisory
https://csirt.divd.nl/CVE-2021-30121	Exploit Third Party Advisory
https://csirt.divd.nl/DIVD-2021-00011	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-07-09T13:24:28

Updated: 2022-04-04T06:25:19

Reserved: 2021-04-02T00:00:00

Link: CVE-2021-30121

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-07-09T14:15:07.930

Modified: 2022-04-29T18:57:59.070

Link: CVE-2021-30121

JSON object: View

Redhat Information

No data.

CWE

CWE-829

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "credits": [{"lang": "en", "value": "Discovered by Wietse Boonstra of DIVD"}, {"lang": "en", "value": "Additional research by Frank Breedijk of DIVD"}], "descriptions": [{"lang": "en", "value": "Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\\Kaseya\\WebPages\\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-04T06:25:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://csirt.divd.nl/DIVD-2021-00011"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://csirt.divd.nl/CVE-2021-30121"}], "solutions": [{"lang": "en", "value": "Upgrade to a version above 9.5.6"}], "source": {"advisory": "DIVD-2021-00011", "discovery": "INTERNAL"}, "title": "(Semi-)Authenticated local file inclusion in Kaseya VSA < v9.5.6", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-30121", "STATE": "PUBLIC", "TITLE": "(Semi-)Authenticated local file inclusion in Kaseya VSA < v9.5.6"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Discovered by Wietse Boonstra of DIVD"}, {"lang": "eng", "value": "Additional research by Frank Breedijk of DIVD"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\\Kaseya\\WebPages\\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", "refsource": "CONFIRM", "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/"}, {"name": "https://csirt.divd.nl/DIVD-2021-00011", "refsource": "CONFIRM", "url": "https://csirt.divd.nl/DIVD-2021-00011"}, {"name": "https://csirt.divd.nl/CVE-2021-30121", "refsource": "CONFIRM", "url": "https://csirt.divd.nl/CVE-2021-30121"}]}, "solution": [{"lang": "en", "value": "Upgrade to a version above 9.5.6"}], "source": {"advisory": "DIVD-2021-00011", "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-30121", "datePublished": "2021-07-09T13:24:28", "dateReserved": "2021-04-02T00:00:00", "dateUpdated": "2022-04-04T06:25:19", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kaseya:vsa:*:*:*:*:-:*:*:*", "matchCriteriaId": "3A890109-5AD9-4684-A46D-A80D6A5F1834", "versionEndExcluding": "9.5.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\\Kaseya\\WebPages\\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118"}, {"lang": "es", "value": "Inclusi\u00f3n de archivos locales semiautenticados El contenido de archivos arbitrarios puede ser devuelto por el servidor web Ejemplo de solicitud: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\\Kaseya\\WebPages\\dl.asp` Se requiere un SessionId v\u00e1lido pero puede ser f\u00e1cilmente obtenido a trav\u00e9s de CVE-2021-30118"}], "id": "CVE-2021-30121", "lastModified": "2022-04-29T18:57:59.070", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2021-07-09T14:15:07.930", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://csirt.divd.nl/CVE-2021-30121"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://csirt.divd.nl/DIVD-2021-00011"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "nvd@nist.gov", "type": "Primary"}]}