RSS   Vulnerabilities for 'Connectwise automate'   RSS

2021-06-17
 
CVE-2021-32582

CWE-89
 

 
An issue was discovered in ConnectWise Automate before 2021.5. A blind SQL injection vulnerability exists in core agent inventory communication that can enable an attacker to extract database information or administrative credentials from an instance via crafted monitor status responses.

 

 >>> Vendor: Connectwise 5 Products
Control
Manage
Manageditsync
Automate
Connectwise automate


Copyright 2024, cxsecurity.com

 

Back to Top