PT-2022-11963 · Sysaid · Sysaid Itil
Brandon Perry · Published 2022-01-11 · Updated 2022-01-22
CVE-2021-43973 · CVSS v3.1 8.8 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SysAid ITIL version 20.4.74 b10
Description
The issue allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body to the "/UploadPsIcon.jsp" API endpoint. A successful request returns the absolute, server-side filesystem path of the uploaded file, so the attacker both places content on disk and learns exactly where it landed.
Recommendations
For SysAid ITIL version 20.4.74 b10, restrict access to the "/UploadPsIcon.jsp" endpoint, for example by allowing it only from trusted administrative addresses at the reverse proxy, until a patch is available. As a temporary workaround, reject requests to this endpoint that carry the file parameter; the mitigation has to be enforced on the server or at a proxy in front of it, since the attacker controls the request body.
Fix
Weakness Enumeration
Unrestricted File Upload
Related Identifiers
Affected Products
Sysaid Itil
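Detection example for the description above, added here as an illustration and not code from SysAid or the advisory author. It assumes the web server in front of SysAid writes Combined Log Format access logs; the log lines, IP addresses, timestamps and install paths below are constructed for the example. The first function flags POST requests to the vulnerable endpoint (case-insensitively, ignoring any query string, on the assumption that the servlet container routes both forms to the same JSP); the second scans a response body for the absolute server-side path the advisory says a successful upload returns, which is the indicator that the upload landed.

```python
import re
from typing import Dict, List

# Endpoint named in the advisory.
VULN_ENDPOINT = "/UploadPsIcon.jsp"

# Constructed sample access-log lines (Combined Log Format). IPs, timestamps
# and user agents are invented for this example.
SAMPLE_LOG = """\
203.0.113.7 - - [11/Jan/2022:10:02:13 +0000] "GET /Login.jsp HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [11/Jan/2022:10:02:40 +0000] "POST /UploadPsIcon.jsp HTTP/1.1" 200 87 "-" "python-requests/2.27"
198.51.100.4 - - [11/Jan/2022:10:03:01 +0000] "GET /UploadPsIcon.jsp HTTP/1.1" 405 0 "-" "Mozilla/5.0"
203.0.113.7 - - [11/Jan/2022:10:03:15 +0000] "POST /uploadpsicon.jsp?x=1 HTTP/1.1" 200 91 "-" "curl/7.79"
"""

# Constructed response bodies; the install directories are invented.
SAMPLE_RESPONSE_WIN = r"uploaded: C:\SysAidServer\root\images\psicons\icon.png"
SAMPLE_RESPONSE_NIX = "uploaded: /opt/sysaid/root/images/psicons/icon.png"

# Combined Log Format: ip ident user [ts] "METHOD path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Absolute filesystem paths: a Windows drive-letter path, or a UNIX path with at
# least one directory component (so a bare URL such as /UploadPsIcon.jsp does
# not match).
ABS_PATH_RE = re.compile(r'(?:[A-Za-z]:\\[^\s"<>]+|/(?:[\w.-]+/)+[\w.-]+)')


def find_upload_attempts(log_text: str) -> List[Dict[str, str]]:
    """Return the parsed fields of every POST that targets UploadPsIcon.jsp.

    Lines that do not parse as Combined Log Format are skipped. Matching is
    case-insensitive and ignores the query string (assumption: the container
    treats these as the same resource).
    """
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if m.group("method") == "POST" and path.lower() == VULN_ENDPOINT.lower():
            hits.append(m.groupdict())
    return hits


def format_alerts(log_text: str) -> List[str]:
    """One human-readable alert line per flagged request, for a SIEM or ticket."""
    return [
        f"{h['ts']} {h['ip']} POST {h['path']} -> {h['status']} ({h['ua']})"
        for h in find_upload_attempts(log_text)
    ]


def leaked_paths(response_body: str) -> List[str]:
    """Return absolute server-side paths found in a response body.

    The advisory states that a successful upload returns the absolute path of
    the stored file, so a non-empty result from a response to this endpoint
    means the upload was accepted and the location disclosed.
    """
    return ABS_PATH_RE.findall(response_body)


if __name__ == "__main__":
    for alert in format_alerts(SAMPLE_LOG):
        print(alert)
    print(leaked_paths(SAMPLE_RESPONSE_WIN))
    print(leaked_paths(SAMPLE_RESPONSE_NIX))
```

Run it over real access logs by feeding the file contents to `format_alerts`; a GET to the endpoint (the third sample line) is deliberately not flagged, since the advisory describes the upload as a POST body parameter. Pair the log check with `leaked_paths` on captured responses from a proxy or WAF to distinguish a rejected request from one that actually wrote a file.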