Описание
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel
vulnerability, which may allow an attacker direct access to confidential information or
critical systems.
Ссылки
- Issue TrackingPatchThird Party Advisory
- ExploitThird Party Advisory
- Press/Media CoverageThird Party Advisory
- Press/Media CoverageThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Press/Media CoverageThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitThird Party Advisory
- Press/Media CoverageThird Party Advisory
- Press/Media CoverageThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Press/Media CoverageThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 23.9.8 (исключая)
cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.94322
Критический
10 Critical
CVSS3
Дефекты
CWE-288
NVD-CWE-Other
Связанные уязвимости
CVSS3: 10
github
почти 2 года назад
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
CVSS3: 10
fstec
почти 2 года назад
Уязвимость программного средства организации удалённого доступа ConnectWise ScreenConnect, связанная с обходом процедуры аутентификации посредством использования альтернативного пути или канала, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 100%
0.94322
Критический
10 Critical
CVSS3
Дефекты
CWE-288
NVD-CWE-Other