ConnectWise Automate Improper Authentication
04/08/2021
Vulnerability
CWE-287 - Improper Authentication
Severity
Critical - Vulnerabilities that could allow the ability to remotely execute code or directly access confidential data
Priority
1 - Vulnerabilities that are either being targeted or have higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
Remediation
CLOUD:
No action needed. Cloud instances have been remediated.
ON-PREMISE:
Apply the 2021.4 release.
Additional Info
https://home.connectwise.com/securityBulletin/606f62ef39917e00016f21cc
Software Updates
Latest Stable:https://university.connectwise.com/University/automateresources/productsandupdates.aspx