CVE-2015-2863

Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
kaseyavirtual_system_administrator
7.0 ≤
𝑥
< 7.0.0.29
kaseyavirtual_system_administrator
8.0 ≤
𝑥
< 8.0.0.18
kaseyavirtual_system_administrator
9.0 ≤
𝑥
< 9.0.0.14
kaseyavirtual_system_administrator
9.1 ≤
𝑥
< 9.1.0.4
𝑥
= Vulnerable software versions
References
http://www.kb.cert.org/vuls/id/919604
http://www.kb.cert.org/vuls/id/919604