Threat Advisories - NVD Disclosed November 10, 2023

CVE-2023-47246

SysAid Server Path Traversal Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A path traversal vulnerability in SysAid On-Premise enables attackers to execute code by writing a file to the webroot. This could expose organizational systems and data to unauthorized access. Mitigation is advised to reduce business risk.

NVD published: November 10, 2023 • CISA KEV