Sysaid: >> On-Premise Security Vulnerabilities
SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This may be a duplicate of CVE-2020-1938
CVSS Score
9.8
EPSS Score
0.019
Published
2020-04-21