3 matches found
CVE-2023-23127
CVE-2023-23127 affects ConnectWise Control version 22.8.10013.8329 where the login page does not implement HSTS, so HTTPS is not enforced. The vendor states this can be controlled by a configuration option to use HTTP during troubleshooting. Documented impact indicates a partial risk to confident...
ConnectWise Automate 安全漏洞
ConnectWise Automate is a cloud-based, local IT automation solution from ConnectWise USA. The product supports content management, file sharing, IT asset tracking and management, and more. A security vulnerability exists in ConnectWise Automate version 22.8.10013.8329 that stems from not setting...
ConnectWise Control 安全漏洞
ConnectWise Control is a self-hosted remote desktop software application from ConnectWise USA. A security vulnerability exists in ConnectWise Control version 22.8.10013.8329, which stems from vulnerability to cross-origin resource sharing CORS attacks...