National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2015-6922

Change History

Initial Analysis - 2/26/2020 10:21:40 AM

Action Type Old Value New Value
Changed Reference Type
http://packetstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.html No Types Assigned
http://packetstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry
Changed Reference Type
http://www.zerodayinitiative.com/advisories/ZDI-15-448 No Types Assigned
http://www.zerodayinitiative.com/advisories/ZDI-15-448 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.zerodayinitiative.com/advisories/ZDI-15-449 No Types Assigned
http://www.zerodayinitiative.com/advisories/ZDI-15-449 Third Party Advisory, VDB Entry
Changed Reference Type
https://helpdesk.kaseya.com/entries/96164487--Kaseya-Security-Advisory No Types Assigned
https://helpdesk.kaseya.com/entries/96164487--Kaseya-Security-Advisory Broken Link, Vendor Advisory
Changed Reference Type
https://www.exploit-db.com/exploits/38351/ No Types Assigned
https://www.exploit-db.com/exploits/38351/ Exploit, Third Party Advisory, VDB Entry
Added CWE
NIST CWE-287
Added CVSS V2
NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:* versions from (including) 7.0.0.0 up to (excluding) 7.0.0.33
     *cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:* versions from (including) 8.0.0.0 up to (excluding) 8.0.0.23
     *cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:* versions from (including) 9.0.0.0 up to (excluding) 9.0.0.19
     *cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:* versions from (including) 9.1.0.0 up to (excluding) 9.1.0.9