2 matches found
CVE-2023-23130
CVE-2023-23130 affects ConnectWise Automate 2022.11. The issue is cleartext authentication exposed over HTTP with SSL disabled, meaning credentials and session data could be exposed on the network. Several sources (NVD, Red Hat advisory, CVE records) describe this as an authentication flaw where ...
CVE-2023-23130
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP cleartext with SSL disabled. OTE: the vendor's position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP rather than HTTPS durin...