Unrestricted File Copy Vulnerability in SysAid ITIL Software
CVE-2021-43972
6.5 MEDIUM
What is CVE-2021-43972?
An unrestricted file copy vulnerability in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to abuse the /UserSelfServiceSettings.jsp endpoint. By manipulating the tempFile and fileName parameters of an HTTP POST request, the attacker can copy arbitrary files from the server's filesystem into the web root under a filename of their choosing. Because the copied files become reachable through the web server, this can lead to sensitive data exposure and system compromise.
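A defender-side check for the request pattern described above, written as an added example that is not part of the advisory and not SysAid's code: it flags POST requests to /UserSelfServiceSettings.jsp whose tempFile or fileName parameter points outside the expected upload location or would be server-executable once placed in the web root. The sample requests, their field names and the file paths in them are constructed, as is the assumption that a proxy or WAF hands the function the parsed form parameters.

```python
import re

# Path that escapes the upload directory via ".." (either separator style)
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Absolute path, Windows drive letter or leading slash
ABSOLUTE = re.compile(r"^([a-zA-Z]:[\\/]|[\\/])")
# Extensions the servlet container would execute if served from the web root
EXECUTABLE_EXT = (".jsp", ".jspx", ".war", ".class")

# Constructed sample requests (not real traffic); assumed to come from a
# proxy/WAF that records the parsed form fields of each request.
SAMPLE_REQUESTS = [
    {"method": "POST", "path": "/UserSelfServiceSettings.jsp", "user": "alice",
     "params": {"tempFile": "upload_1234.tmp", "fileName": "avatar.png"}},
    {"method": "POST", "path": "/UserSelfServiceSettings.jsp", "user": "bob",
     "params": {"tempFile": "../../conf/settings.properties", "fileName": "s.txt"}},
    {"method": "POST", "path": "/UserSelfServiceSettings.jsp", "user": "bob",
     "params": {"tempFile": "C:\\example\\config.txt", "fileName": "x.jsp"}},
    {"method": "GET", "path": "/UserSelfServiceSettings.jsp", "user": "carol",
     "params": {}},
]


def classify(req):
    """Return the list of reasons a request looks like CVE-2021-43972 abuse
    (empty list means nothing suspicious was seen)."""
    reasons = []
    if req["method"] != "POST" or req["path"] != "/UserSelfServiceSettings.jsp":
        return reasons
    temp = req["params"].get("tempFile", "")
    name = req["params"].get("fileName", "")
    # tempFile should name a file inside the upload area, never an arbitrary path
    if TRAVERSAL.search(temp) or ABSOLUTE.match(temp):
        reasons.append("tempFile escapes the upload directory")
    # fileName should be a bare name, not a path into another directory
    if TRAVERSAL.search(name) or ABSOLUTE.match(name) or "/" in name or "\\" in name:
        reasons.append("fileName contains a path component")
    if name.lower().endswith(EXECUTABLE_EXT):
        reasons.append("fileName would be server-executable in the web root")
    return reasons


def scan(requests):
    """Return (user, reasons) for every request that classify() flags."""
    return [(r["user"], classify(r)) for r in requests if classify(r)]


if __name__ == "__main__":
    for user, reasons in scan(SAMPLE_REQUESTS):
        print(f"ALERT user={user}: {'; '.join(reasons)}")
```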