EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Dark Web MonitoringIdentify and quantify unknown cyber risks and vulnerabilities
Cloud App SecurityMonitor and manage security risk for SaaS apps
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate API Vulnerability
CVSS Score: 7.9
CWE: 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Inadequate server-side validation within the probe implementation could potentially allow arbitrary statements to be executed.
- ConnectWise has applied the 2020.0.7.251 patch across all cloud partner environments.
- On-premise partners should immediately apply the patches listed below, following the important pre and post patch instructions available in the ConnectWise University here. The download link is available in the instruction page.
ConnectWise Automate 2020.0.7.251
ConnectWise Automate 2019.0.12.342