PT-2022-11962 · Sysaid · Sysaid Itil
Brandon Perry · Published 2022-01-11 · Updated 2022-01-22 · CVE-2021-43972
| CVSS v2.0 | 6.8 (Medium) |
| Vector | AV:N/AC:L/Au:S/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
SysAid ITIL version 20.4.74 b10
Description
The issue allows a remote authenticated attacker to copy arbitrary files from the server filesystem into the web root under an attacker-chosen filename. The copy is triggered through the tempFile and fileName parameters in the HTTP POST body sent to the "/UserSelfServiceSettings.jsp" API endpoint.
Recommendations
For SysAid ITIL version 20.4.74 b10, as a temporary workaround, consider restricting access to the "/UserSelfServiceSettings.jsp" endpoint until a patch is available, and avoid using the tempFile and fileName parameters of the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
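The following is an added example written for this entry; it is not SysAid's code and not part of the advisory. It shows two defensive pieces for the pattern described above: a validator that rejects the unsafe combinations a tempFile/fileName copy into the web root would otherwise accept (source outside the staging directory, destination with directory components or a disallowed extension), and a scan over access-log lines that surfaces POST requests to the affected endpoint for review while the workaround of restricting it is in place. The directory paths, the extension allow-list and the log lines are constructed assumptions; only the endpoint name comes from the advisory.

```python
"""Added example, not SysAid's code and not from the advisory: defensive
handling of the tempFile/fileName copy pattern CVE-2021-43972 describes,
plus a log check for the affected endpoint. Directory paths, the
extension allow-list and the log lines are constructed assumptions."""
import re
from pathlib import Path, PurePosixPath

TEMP_DIR = Path("/opt/sysaid/tmp")               # assumed staging directory
WEB_ROOT = Path("/opt/sysaid/webroot")           # assumed web root
ALLOWED_EXT = {".png", ".jpg", ".jpeg", ".gif"}  # assumed allow-list
ENDPOINT = "/UserSelfServiceSettings.jsp"        # endpoint named in the advisory


class UnsafeCopy(ValueError):
    """Raised when a requested copy would escape the intended directories."""


def safe_copy_target(temp_file: str, file_name: str,
                     temp_dir: Path = TEMP_DIR,
                     web_root: Path = WEB_ROOT) -> tuple[Path, Path]:
    """Validate a (tempFile, fileName) pair and return (source, destination).

    The vulnerable pattern trusts both values. Here the source must resolve
    inside temp_dir (so absolute paths and '..' segments are rejected) and
    the destination must be a bare file name with an allowed extension.
    """
    base = temp_dir.resolve()
    # An absolute temp_file replaces temp_dir entirely when joined, so the
    # containment check below catches it along with '..' traversal.
    src = (temp_dir / temp_file).resolve()
    if not src.is_relative_to(base):             # Python 3.9+
        raise UnsafeCopy(f"source escapes staging dir: {temp_file!r}")

    name = PurePosixPath(file_name)
    # Any directory component, traversal, backslash or NUL byte is rejected.
    if (file_name != name.name or name.name in ("", ".", "..")
            or "\\" in file_name or "\0" in file_name):
        raise UnsafeCopy(f"destination is not a bare file name: {file_name!r}")
    if name.suffix.lower() not in ALLOWED_EXT:
        raise UnsafeCopy(f"extension not allowed: {name.suffix!r}")

    return src, web_root / name.name


def is_safe_copy(temp_file: str, file_name: str) -> bool:
    """Boolean wrapper around safe_copy_target for callers that only need a verdict."""
    try:
        safe_copy_target(temp_file, file_name)
        return True
    except UnsafeCopy:
        return False


# Combined log format: ip ident user [timestamp] "METHOD path proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines; not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - jdoe [11/Jan/2022:10:00:01 +0000] "GET /UserSelfServiceSettings.jsp HTTP/1.1" 200 5120',
    '10.0.0.5 - jdoe [11/Jan/2022:10:00:09 +0000] "POST /UserSelfServiceSettings.jsp HTTP/1.1" 302 0',
    '10.0.0.7 - asmith [11/Jan/2022:10:01:30 +0000] "POST /Login.jsp HTTP/1.1" 200 812',
    '10.0.0.9 - - [11/Jan/2022:10:02:11 +0000] "POST /userselfservicesettings.jsp?tab=1 HTTP/1.1" 200 40',
]


def find_endpoint_posts(lines):
    """Return (ip, user, timestamp, status) for POSTs to the affected endpoint.

    Access logs do not carry the POST body, so tempFile/fileName values are
    not visible here; every POST to the endpoint is surfaced for review
    instead. Path matching is case-insensitive to cover Windows deployments.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if m.group("method") == "POST" and path.lower() == ENDPOINT.lower():
            hits.append((m.group("ip"), m.group("user"), m.group("ts"), m.group("status")))
    return hits


if __name__ == "__main__":
    for hit in find_endpoint_posts(SAMPLE_LOG):
        print("review:", *hit)
    print(is_safe_copy("upload_123.png", "avatar.png"))
```

Run against a real access log, `find_endpoint_posts` is a triage filter rather than a verdict: legitimate self-service settings changes also POST to this endpoint, so the hits are the requests worth correlating with file-system changes under the web root.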
Related Identifiers
Affected Products
Sysaid Itil