CVE-2015-4099 - SysAid "Service Desk" - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVE-2015-4099 - SysAid "Service Desk" - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  1. Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’)
  2. Details about vulnerability
  3. Version vulnerable
  4. Fixes
  5. CVE
  6. Acknowledgement
  7. Classification of this document
  8. Revision

You can report incidents via our official contact including e-mail, phone or use the Anonymous reporting form.

Search


CIRCL is accredited TI CIRCL is a FIRST member CIRCL is an OASIS member

Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’)

SysAid “Service Desk” can be instrumented to gain access to the underlying database, which usually means accessing the MSSQL server with the Administrator account (‘sa’).

Details about vulnerability

The “dir” parameter while posting to “/EndUserActions.jsp” is prone to a blind SQL injection.

Version vulnerable

SysAid “Service Desk” cloud versions prior to 15.1.70 are affected by this vulnerability. SysAid “Service Desk” on-premise versions prior to 15.2 are affected by this vulnerability.

Fixes

SysAid “Service Desk” cloud version 15.1.70 includes a fix for this specific vulnerability, according to the vendor. SysAid “Service Desk” on-premise version 15.2 includes a fix for this specific vulnerability, according to the vendor.

CVE

CVE-2015-4099

Acknowledgement

CIRCL would like to thank the reporter (Adrien Jolibert, Excellium Services S.A.).

Classification of this document

TLP:WHITE information may be distributed without restriction, subject to copyright controls.

Revision

  • Version 1.0 - TLP:WHITE - First version (20150626)