What is the severity of CVE-2017-18362?

CVE-2017-18362 is considered critical due to the potential for unauthenticated remote command execution and full access to the Kaseya VSA database.

How do I fix CVE-2017-18362?

To mitigate CVE-2017-18362, it is recommended to upgrade to a version of ConnectWise ManagedITSync released after 2017 and ensure proper network security measures are in place.

What kind of attack can be executed using CVE-2017-18362?

Exploiting CVE-2017-18362 allows attackers to execute remote commands, resulting in access to sensitive data and potential ransomware deployment.

Is CVE-2017-18362 actively being exploited?

Yes, CVE-2017-18362 has been actively exploited in the wild, specifically noted in incidents involving ransomware attacks.

Which products are affected by CVE-2017-18362?

CVE-2017-18362 affects ConnectWise ManagedITSync versions up to and including 2017 and Kaseya VSA.

Vulnerability/
CVE-2017-18362

Exploited

critical

9.8

CWE

5/2/2019

6/2/2025

CVE-2017-18362: Kaseya VSA SQL Injection Vulnerability

First published: Tue Feb 05 2019(Updated: )

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Connectwise Manageditsync	<=2017
Kaseya Virtual System/Server Administrator (VSA)
	<=2017

Remedy

The impacted product is end-of-life and should be disconnected if still in use.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-18362?
CVE-2017-18362 is considered critical due to the potential for unauthenticated remote command execution and full access to the Kaseya VSA database.
How do I fix CVE-2017-18362?
To mitigate CVE-2017-18362, it is recommended to upgrade to a version of ConnectWise ManagedITSync released after 2017 and ensure proper network security measures are in place.
What kind of attack can be executed using CVE-2017-18362?
Exploiting CVE-2017-18362 allows attackers to execute remote commands, resulting in access to sensitive data and potential ransomware deployment.
Is CVE-2017-18362 actively being exploited?
Yes, CVE-2017-18362 has been actively exploited in the wild, specifically noted in incidents involving ransomware attacks.
Which products are affected by CVE-2017-18362?
CVE-2017-18362 affects ConnectWise ManagedITSync versions up to and including 2017 and Kaseya VSA.

agent/type
agent/description
agent/title
agent/remedy
agent/weakness
agent/severity
collector/mitre-cve
source/MITRE
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
exploited/true
ransomware/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/references
agent/softwarecombine
agent/event
agent/author
collector/nvd-cve
source/NVD
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
vendor/connectwise
canonical/connectwise manageditsync
version/connectwise manageditsync/2017
vendor/kaseya
canonical/kaseya virtual system/server administrator (vsa)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.