Vulnerabilites related to connectwise - automate
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:06
Severity ?
Summary
The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent | Third Party Advisory | |
| cve@mitre.org | https://www.connectwise.com/company/trust/security-bulletins | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.connectwise.com/company/trust/security-bulletins | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12B13665-D5C7-47F9-A705-21594C864CB7",
"versionEndExcluding": "2020.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions."
},
{
"lang": "es",
"value": "El Agent Update System en ConnectWise Automate versiones anteriores a 2020.8, permite una Escalada de Privilegios porque la carpeta _LTUPDATE presenta permisos d\u00e9biles"
}
],
"id": "CVE-2020-15838",
"lastModified": "2024-11-21T05:06:17.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-09T07:15:10.840",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 15:15
Modified
2024-11-21 05:04
Severity ?
Summary
ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://slagle.tech/2020/07/06/cve-2020-15027/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://slagle.tech/2020/07/06/cve-2020-15027/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | * | |
| connectwise | automate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7193C82E-A3AD-4BBA-AB48-C84D0FD3EAF9",
"versionEndExcluding": "2019.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:connectwise:automate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05BF9CB5-50FB-43E8-9839-42835BBFC4F9",
"versionEndIncluding": "2020.7",
"versionStartIncluding": "2020.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12."
},
{
"lang": "es",
"value": "ConnectWise Automate versiones hasta 2020.x, presenta una comprobaci\u00f3n insuficiente en determinadas rutas de autenticaci\u00f3n, permitiendo una omisi\u00f3n de autenticaci\u00f3n por medio de una serie de intentos. Esto fue parcheado en versi\u00f3n 2020.7 y en una revisi\u00f3n para la versi\u00f3n 2019.12"
}
],
"id": "CVE-2020-15027",
"lastModified": "2024-11-21T05:04:39.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T15:15:27.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://slagle.tech/2020/07/06/cve-2020-15027/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://slagle.tech/2020/07/06/cve-2020-15027/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-01 22:15
Modified
2024-11-21 08:30
Severity ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | - | |
| connectwise | screenconnect | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE4186A-BC6E-4E27-887C-D9C4FBBE5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3CC076-9C69-45B8-81E8-E671B6512719",
"versionEndExcluding": "23.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings"
},
{
"lang": "es",
"value": "ConnectWise ScreenConnect hasta 23.8.4 permite a los usuarios locales conectarse a servidores de retransmisi\u00f3n arbitrarios mediante la confianza impl\u00edcita en la configuraci\u00f3n del proxy"
}
],
"id": "CVE-2023-47256",
"lastModified": "2024-11-21T08:30:03.873",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-01T22:15:55.103",
"references": [
{
"source": "cve@mitre.org",
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-21 20:15
Modified
2024-11-21 06:11
Severity ?
Summary
An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d | Permissions Required, Vendor Advisory | |
| cve@mitre.org | https://www.connectwise.com/company/trust/security-bulletins | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.connectwise.com/company/trust/security-bulletins | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE5415FB-A306-47AE-A68A-E000D346BD5A",
"versionEndExcluding": "2021.0.6.132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de tipo XXE en ConnectWise Automate versiones anteriores a 2021.0.6.132"
}
],
"id": "CVE-2021-35066",
"lastModified": "2024-11-21T06:11:46.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-21T20:15:09.517",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-01 14:15
Modified
2024-11-21 07:45
Severity ?
Summary
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor's position is that a Content-Security-Policy HTTP response header is present to block this attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/l00neyhacker/CVE-2023-23126 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/l00neyhacker/CVE-2023-23126 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | 2022.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:2022.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F93619A6-A32A-46DC-B4BD-7BDFB2A778E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor\u0027s position is that a Content-Security-Policy HTTP response header is present to block this attack."
}
],
"id": "CVE-2023-23126",
"lastModified": "2024-11-21T07:45:52.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-01T14:15:09.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23126"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-01 22:15
Modified
2024-11-21 08:30
Severity ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | - | |
| connectwise | screenconnect | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE4186A-BC6E-4E27-887C-D9C4FBBE5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3CC076-9C69-45B8-81E8-E671B6512719",
"versionEndExcluding": "23.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages."
},
{
"lang": "es",
"value": "ConnectWise ScreenConnect hasta la versi\u00f3n 23.8.4 permite a atacantes de man in the middle lograr la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de mensajes manipulados."
}
],
"id": "CVE-2023-47257",
"lastModified": "2024-11-21T08:30:04.067",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-01T22:15:55.170",
"references": [
{
"source": "cve@mitre.org",
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-01 14:15
Modified
2024-11-21 07:45
Severity ?
Summary
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled. OTE: the vendor's position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/l00neyhacker/CVE-2023-23130 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/l00neyhacker/CVE-2023-23130 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connectwise | automate | 2022.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectwise:automate:2022.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F93619A6-A32A-46DC-B4BD-7BDFB2A778E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled. OTE: the vendor\u0027s position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting."
}
],
"id": "CVE-2023-23130",
"lastModified": "2024-11-21T07:45:52.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-01T14:15:09.777",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23130"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-15838
Vulnerability from cvelistv5
Published
2020-10-09 06:37
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.connectwise.com/company/trust/security-bulletins | x_refsource_CONFIRM | |
| https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:22.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-09T06:37:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.connectwise.com/company/trust/security-bulletins",
"refsource": "CONFIRM",
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"name": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent",
"refsource": "MISC",
"url": "https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15838",
"datePublished": "2020-10-09T06:37:47",
"dateReserved": "2020-07-20T00:00:00",
"dateUpdated": "2024-08-04T13:30:22.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23126
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2024-08-02 10:28
Severity ?
EPSS score ?
Summary
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor's position is that a Content-Security-Policy HTTP response header is present to block this attack.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:36:02.869161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T14:36:12.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23126"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor\u0027s position is that a Content-Security-Policy HTTP response header is present to block this attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/l00neyhacker/CVE-2023-23126"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-23126",
"datePublished": "2023-02-01T00:00:00",
"dateReserved": "2023-01-11T00:00:00",
"dateUpdated": "2024-08-02T10:28:40.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15027
Vulnerability from cvelistv5
Published
2020-07-16 14:39
Modified
2024-08-04 13:00
Severity ?
EPSS score ?
Summary
ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12.
References
| ▼ | URL | Tags |
|---|---|---|
| https://slagle.tech/2020/07/06/cve-2020-15027/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:00:52.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://slagle.tech/2020/07/06/cve-2020-15027/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T14:39:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://slagle.tech/2020/07/06/cve-2020-15027/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://slagle.tech/2020/07/06/cve-2020-15027/",
"refsource": "MISC",
"url": "https://slagle.tech/2020/07/06/cve-2020-15027/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15027",
"datePublished": "2020-07-16T14:39:04",
"dateReserved": "2020-06-24T00:00:00",
"dateUpdated": "2024-08-04T13:00:52.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35066
Vulnerability from cvelistv5
Published
2021-06-21 19:05
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.connectwise.com/company/trust/security-bulletins | x_refsource_MISC | |
| https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:50.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-21T19:05:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.connectwise.com/company/trust/security-bulletins",
"refsource": "MISC",
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"name": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d",
"refsource": "MISC",
"url": "https://home.connectwise.com/securityBulletin/60cc8c63508a120001cb6e8d"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35066",
"datePublished": "2021-06-21T19:05:27",
"dateReserved": "2021-06-21T00:00:00",
"dateUpdated": "2024-08-04T00:33:50.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23130
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2024-08-02 10:28
Severity ?
EPSS score ?
Summary
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled. OTE: the vendor's position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T14:53:07.535377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:27.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:39.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/l00neyhacker/CVE-2023-23130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled. OTE: the vendor\u0027s position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/l00neyhacker/CVE-2023-23130"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-23130",
"datePublished": "2023-02-01T00:00:00",
"dateReserved": "2023-01-11T00:00:00",
"dateUpdated": "2024-08-02T10:28:39.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-47256
Vulnerability from cvelistv5
Published
2024-02-01 00:00
Modified
2024-08-02 21:09
Severity ?
EPSS score ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47256",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T20:06:26.752571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T20:07:01.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:35.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"tags": [
"x_transferred"
],
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T06:37:42.572010",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-47256",
"datePublished": "2024-02-01T00:00:00",
"dateReserved": "2023-11-05T00:00:00",
"dateUpdated": "2024-08-02T21:09:35.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-47257
Vulnerability from cvelistv5
Published
2024-02-01 00:00
Modified
2024-08-02 21:09
Severity ?
EPSS score ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T17:09:14.795900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:53.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:36.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"tags": [
"x_transferred"
],
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T06:37:41.002591",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix"
},
{
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-47257",
"datePublished": "2024-02-01T00:00:00",
"dateReserved": "2023-11-05T00:00:00",
"dateUpdated": "2024-08-02T21:09:36.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}