【概要】
CVE番号 | 説明 |
---|---|
CVE-2021-30116 | A credentials leak and business logic flaw, to be included in 9.5.7 |
CVE-2021-30117 | An SQL injection vulnerability, resolved in May 8th patch. |
CVE-2021-30118 | A Remote Code Execution vulnerability, resolved in April 10th patch. (v9.5.6) |
CVE-2021-30119 | A Cross Site Scripting vulnerability, to be included in 9.5.7 |
CVE-2021-30120 | 2FA bypass, to be resolved in v9.5.7 |
CVE-2021-30121 | A Local File Inclusion vulnerability, resolved in May 8th patch. |
CVE-2021-30201 | A XML External Entity vulnerability, resolved in May 8th patch. |
【ニュース】
◆Kaseya patches VSA vulnerabilities used in REvil ransomware attack (BleepingComputer, 2021/07/11 16:50)
https://www.bleepingcomputer.com/news/security/kaseya-patches-vsa-vulnerabilities-used-in-revil-ransomware-attack/
【関連まとめ記事】
◆全体まとめ
◆インシデント (まとめ)
◆ランサムウェアインシデント (まとめ)
◆インシデント: カセヤ / Kaseya (まとめ)
https://malware-log.hatenablog.com/entry/Incident_Kaseya
◆マルウェア / Malware (まとめ)
◆ランサムウェア (まとめ)
◆Sodinokibi / REvil (まとめ)
https://malware-log.hatenablog.com/entry/Sodin