Unrated severityNVD Advisory· Published Jun 8, 2015· Updated May 6, 2026

CVE-2015-3001

Description

SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.

Affected products

Sysaid/Sysaid
cpe:2.3:a:sysaid:sysaid:*:*:*:*:*:*:*:*
Range: <=15.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.htmlnvdExploit
seclists.org/fulldisclosure/2015/Jun/8nvdExploit
www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desknvdVendor Advisory
www.securityfocus.com/archive/1/535679/100/0/threadednvd
www.securityfocus.com/bid/75035nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000