-
EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
-
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
-
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
-
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
-
Cloud App SecurityMonitor and manage security risk for SaaS apps
-
SASEZero trust secure access for users, locations, and devices
-
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
-
Policy ManagementCreate, deploy, and manage client security policies and profiles
-
Incident Response ServiceOn-tap cyber experts to address critical security incidents
-
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate Improper Restriction of XML External Entity Reference
06/18/2021
Vulnerability
CWE-611 Improper Restriction of XML External Entity Reference
Severity
Critical - Vulnerabilities that could allow the ability to remotely execute code or directly access confidential data.
Priority
1 - Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
Affected Versions
2021.6 Build .131 and prior
Remediation
CLOUD:
No action needed. Cloud instances have been remediated.
ON-PREMISE:
Apply the 2021.0.6.132 patch
Additional Info
https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d
Software Updates
https://cwa.connectwise.com/release/2021/Patches/AutomatePatch_21.0.6.132.exe