ConnectWise Automate up to and including 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
connectwise automate |