CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2017-18362	High	80.3%	KaseyaVirtual System/Server Administrator (VSA)	ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.	May 24, 2022	KEV
CVE-2018-20753	High	37.7%	KaseyaVirtual System/Server Administrator (VSA)	Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.	Apr 13, 2022	KEV
CVE-2021-30116	High	53.1%	KaseyaVirtual System/Server Administrator (VSA)	Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.	Nov 3, 2021	KEV

CVE-2017-18362KEV

High

ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.

KaseyaEPSS 80.3%

CVE-2018-20753KEV

High

Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.

KaseyaEPSS 37.7%

CVE-2021-30116KEV

High

Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.

KaseyaEPSS 53.1%