CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Nov 17, 2021

High

CISA KEVEPSS 53.1%Ransomware

CVE-2021-30116

Kaseya—Virtual System/Server Administrator (VSA)

Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.

EPSS — Exploit Probability

53.1%

Higher than 97.9% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2021-30116

Vulnerability Overview

Severity: High
EPSS: 53.1%
CISA KEV: Yes
Ransomware: Known
Published: Nov 3, 2021
KEV Added: Nov 3, 2021
Due Date: Nov 17, 2021
Related Articles: 0

Vendor

Kaseya

Virtual System/Server Administrator (VSA)