ManageEngine Pitstop | Community and Support forums

                New to ADSelfService Plus?

                      • Announcements

                      • Security Recommendations for Mobile Device Manager Plus MSP on-premises and Cloud!

                        With the growing number of cyberattacks on enterprises, we would like to share a few security recommendations that can help enhance the security of the corporate data that is accessed from the web console of both Mobile Device Manager Plus MSP on-premises and cloud editions.   For Mobile Device Manager Plus MSP on-premises users, the first step to secure access to the server is to disable the default admin account provided when downloading the product. We recommend either creating a new administrator
                      • Fix for Security Issue in Mobile Device Manager Plus MSP

                        Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability. This vulnerability could otherwise have allowed a malicious user to upload any file without proper validation in the Windows app dependency file upload functionality.  To exploit this vulnerability, the user must authenticate themselves by logging in to the Mobile Device Manager Plus MSP console; they also need permissions to add apps to the App Repository. These two prerequisites reduce the chance of someone exploiting
                      • Remote Access Plus for remote work

                        Due to the recent outbreak of COVID-19, most global enterprises are adopting work from home policies. Organizations may extend their remote work operations well into the future to keep their employees safe. This is the new normal for IT administrators, who now have to work around the clock to monitor all of their enterprise’s endpoints remotely.   The go-to solution for IT technicians is ManageEngine Remote Access Plus, which can help you adapt to remote work culture.   Benefits of having this remote
                      • Fix for Security Issue in Mobile Device Manager Plus MSP

                        Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability which would have otherwise allowed users with malicious intent to upload any file without validation using the log upload functionality. The security fix is available in build #92684 and above. You can download the latest build from here. For any queries or assistance, please reach to our support team at msp-mdm-support@manageengine.com. Follow #mdm-security for all security related updates in Mobile Device Manager Plus
                      • Fix for Ghostcat Vulnerability (CVE 2020-1938) in Mobile Device Manager Plus MSP

                        Mobile Device Manager Plus MSP has released a security fix for the recently detected Ghostcat Vulnerability (CVE 2020-1938) which is a file read/inclusion vulnerability detected by Chaitin Tech. This vulnerability can be remotely exploited if the port 8009 is publicly exposed allowing users to read or include files in the webapp directories of Apache Tomcat.  The security fix is released in build #92762 and you can download the latest build from here. Follow #security-updates for all security related