Known Exploited Vulnerability: CVE-2017-18362

Kaseya VSA SQL Injection Vulnerability

Catalog version: 2026.07.10 Date added: 2022-05-24 Due date: 2022-06-14 CISA catalog

Vendor: Kaseya

Product: Virtual System/Server Administrator (VSA)

Required action: The impacted product is end-of-life and should be disconnected if still in use.

Known ransomware campaign use: Known

Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-18362

CWEs

cvelogic Threat Intelligence