ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12.
9.8CVSS
9.4AI Score
0.004EPSS
9.8CVSS
9.3AI Score
0.002EPSS