IDCVSSSummaryLast (major) updatePublished
CVE-2020-15027 7.5
ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. This was patched in 2020.7 and in a hotfix for 2019.12.
24-07-2020 - 12:39 16-07-2020 - 15:15
CVE-2020-15838 6.5
The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.
21-07-2021 - 11:39 09-10-2020 - 07:15
CVE-2021-35066 7.5
An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.
28-06-2021 - 20:52 21-06-2021 - 20:15
Back to Top Mark selected
Back to Top