id	author	title	date	pages	extension	mime	words	sentences	flesch	summary	cache	txt
csirt-divd-nl-68		Kaseya VSA Limited Disclosure | DIVD CSIRT			.html	text/html	1457	157	66	Kaseya VSA Limited Disclosure | DIVD CSIRT Home / Blog / Kaseya vsa limited disclosure CVE-2021-30121 Authenticated local file inclusion in Kaseya VSA < v9.5.6... Why we are only disclosing limited details on the Kaseya vulnerabilities Ever since we released the news that we indeed notified Kaseya of a vulnerability used in the ransomware attack, we have been getting requests to release details about these vulnerabilities and the disclosure timeline. As the ransomware attack using Kaseya VSA software has shown, the effects of a malicious actor knowing the full details of a vulnerability can be devastating. In this blogpost and DIVD case DIVD-2021-00011 we publish the timeline and limited details of the vulnerabilities we notified Kaseya of. CVE-2021-30117 An SQL injection vulnerability, resolved in May 8th patch. CVE-2021-30118 A Remote Code Execution vulnerability, resolved in April 10th patch. CVE-2021-30121 A Local File Inclusion vulnerability, resolved in May 8th patch. CVE-2021-30201 A XML External Entity vulnerability, resolved in May 8th patch.	./cache/csirt-divd-nl-68.html	./txt/csirt-divd-nl-68.txt