Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SysAid — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting SysAid. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SysAid serves as IT service management software helping organizations streamline IT operations and service desk functions. Historically, the platform has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These flaws often stem from improper input validation and access control weaknesses. While no major public security incidents have been widely documented, the 15 CVEs on record highlight consistent security challenges. The platform's web interface and integration points have been particularly susceptible to authentication bypass and information disclosure issues, requiring administrators to maintain rigorous patching protocols and secure configuration practices to mitigate potential exploitation risks.

Found 10 results / 15Clear Filters
Top products by SysAid: Sysaid SysAid On-Prem SysAid API SysAid - Okta SSO integration
CVE IDTitleCVSSSeverityPublished
CVE-2024-36394 SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') — SysAidCWE-78 9.1 Critical2024-06-06
CVE-2024-36393 SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — SysAidCWE-89 9.9 Critical2024-06-06
CVE-2024-27775 SysAid - CWE-918: Server-Side Request Forgery (SSRF) — SysAidCWE-918 7.2 High2024-03-28
CVE-2023-32226 Sysaid - CWE-552: Files or Directories Accessible to External Parties — SysaidCWE-552 8.3 High2023-07-30
CVE-2023-32225 Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type — SysaidCWE-434 9.8 Critical2023-07-30
CVE-2022-23166 Sysaid – Sysaid Local File Inclusion (LFI) — Sysaid 6.1 Medium2022-05-12
CVE-2022-23165 Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) — SysaidCWE-79 5.5 Medium2022-05-12
CVE-2022-22798 Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control — Sysaid 6.8 Medium2022-05-12
CVE-2022-22797 Sysaid – sysaid Open Redirect — SysaidCWE-601 4.6 Medium2022-05-12
CVE-2022-22796 Sysaid – Sysaid System Takeover — Sysaid 7.0 High2022-05-12

This page lists every published CVE security advisory associated with SysAid. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.