Query type restriction bypass

This document will explain you about the vulnerability reported by NCC Group Security Advisory which allows, unauthorised users to execute queries to alter database entries.

Vulnerabilities Fix Released on
CVE-2018-5339 and CVE-2018-5340 24-April-2018

 

What was the Problem?

Unauthorised users were able to execute queries to alter entries in database.

How do I fix it?

This has been identified and fixed on 24-April-2018. To apply this fix, follow the below steps:

  1. Log in to your Endpoint Central console, click on your current build number on the top right corner.
  2. You can find the latest build applicable to you. Download the PPM and update.
  3.  

    Keywords: Query Execution, Security Updates, Vulnerabilities and Fixes.