← volver
CVE-2021-32582

CVE-2021-32582

EPSS 1.1%
An issue was discovered in ConnectWise Automate before 2021.5. A blind SQL injection vulnerability exists in core agent inventory communication that can enable an attacker to extract database information or administrative credentials from an instance via crafted monitor status responses.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://home.connectwise.com/securityBulletin/609a9dd75cb8450001e85369https://www.connectwise.com/company/trust/security-bulletinshttps://www.connectwise.com/platform/unified-management/automate