VYPR
Unrated severityNVD Advisory· Published Apr 21, 2020· Updated Nov 18, 2024

CVE-2020-10569

CVE-2020-10569

Description

SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This may be a duplicate of CVE-2020-1938

Affected products

2
  • SysAid/On-Premisedescription
  • Sysaid/Sysaidllm-fuzzy
    Range: = 20.1.11

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.