Security Updates on Vulnerabilities

CVE-2014-7862 - "Unauthorized Administrator Account Creation"

This document will explain you about the Vulnerability, which allows unauthorized users creating administrator account on Endpoint Central MSP. You can find more details on its impact in Deskop Central MSP, and the steps to be followed to get it fixed.

Vulnerability ID : CVE-2014-7862
Update Released Build : 90109
Update Release Date : Jan 5th 2015

 

What was the Problem?

Unauthenticated users were able to create Administrator accounts in Endpoint Central MSP.

How do I fix it?

This has been identified and fixed, in the Endpoint Central MSP build # 90109. Upgrade to the latest build for this issue to be fixed. 

If you are also using ServiceDesk Plus MSP integrated with Endpoint Central MSP, then upgrade your ServiceDesk Plus MSP to build # 9033 or later versions and enable authenticated communication.

Keywords: Endpoint Central MSP Integration, Security Updates, Vulnerabilities and Fixes, Secure Integration, CVE-2014-7862, API Key Generation

Remote Desktop & Mobile Device Management Software for MSPs trusted by