Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Hoard of vulnerabilities found in SysAid Help Desk

Hoard of vulnerabilities found in SysAid Help Desk

2015/06/04

Softpedia - (International) A security researcher discovered 11 vulnerabilities in SysAid Help Desk version 14.4, including a flaw that could allow an attacker to create an administrator account without any authentication, and an exploit in which an attacker could perform remote execution by uploading arbitrary files via directory transversal attacks. The software is used by over 10,000 organizations worldwide.

Source: http://news.softpedia.com/news/Hoard-of-Vulnerabilities-Found-in-SysAid-Help-Desk-483295.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:25