Security Recommendations for Mobile Device Manager Plus MSP on-premises and Cloud!
With the growing number of cyberattacks on enterprises, we would like to share a few security recommendations that can help enhance the security of the corporate data that is accessed from the web console of both Mobile Device Manager Plus MSP on-premises and cloud editions. For Mobile Device Manager Plus MSP on-premises users, the first step to secure access to the server is to disable the default admin account provided when downloading the product. We recommend either creating a new administrator
Fix for Security Issue in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability. This vulnerability could otherwise have allowed a malicious user to upload any file without proper validation in the Windows app dependency file upload functionality. To exploit this vulnerability, the user must authenticate themselves by logging in to the Mobile Device Manager Plus MSP console; they also need permissions to add apps to the App Repository. These two prerequisites reduce the chance of someone exploiting
Remote Access Plus for remote work
Due to the recent outbreak of COVID-19, most global enterprises are adopting work from home policies. Organizations may extend their remote work operations well into the future to keep their employees safe. This is the new normal for IT administrators, who now have to work around the clock to monitor all of their enterprise’s endpoints remotely. The go-to solution for IT technicians is ManageEngine Remote Access Plus, which can help you adapt to remote work culture. Benefits of having this remote
Fix for Security Issue in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability which would have otherwise allowed users with malicious intent to upload any file without validation using the log upload functionality. The security fix is available in build #92684 and above. You can download the latest build from here. For any queries or assistance, please reach to our support team at msp-mdm-support@manageengine.com. Follow #mdm-security for all security related updates in Mobile Device Manager Plus
Fix for Ghostcat Vulnerability (CVE 2020-1938) in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has released a security fix for the recently detected Ghostcat Vulnerability (CVE 2020-1938) which is a file read/inclusion vulnerability detected by Chaitin Tech. This vulnerability can be remotely exploited if the port 8009 is publicly exposed allowing users to read or include files in the webapp directories of Apache Tomcat. The security fix is released in build #92762 and you can download the latest build from here. Follow #security-updates for all security related
Fix for Security Issue in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has fixed a cross-site scripting (XSS) vulnerability recently detected by Ken Pyle, in it's latest update. This vulnerability allowed a user to view the cookies by running a param on the product login page. The security fix is available in build # 92698 and above. You can download the latest build from here. Follow #mdm-security for all security related updates on Mobile Device Manager Plus MSP.
ManageEngine announces a mobile device management solutions for MSPs
We are pleased to extend our offerings for mobile device management to Managed Service Providers as well. Mobile Device Manager Plus MSP gives service providers a single console to manage their client's mobile devices. Mobile Device Manager Plus MSP supports various features of it's parent product Mobile Device Manager Plus along with enhancements to suit the needs of MSPs around the world. Here are a few highlights of the product Support for multiple customers from a single console Personalised
Announcements
Security Recommendations for Mobile Device Manager Plus MSP on-premises and Cloud!
With the growing number of cyberattacks on enterprises, we would like to share a few security recommendations that can help enhance the security of the corporate data that is accessed from the web console of both Mobile Device Manager Plus MSP on-premises and cloud editions. For Mobile Device Manager Plus MSP on-premises users, the first step to secure access to the server is to disable the default admin account provided when downloading the product. We recommend either creating a new administrator
Fix for Security Issue in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability. This vulnerability could otherwise have allowed a malicious user to upload any file without proper validation in the Windows app dependency file upload functionality. To exploit this vulnerability, the user must authenticate themselves by logging in to the Mobile Device Manager Plus MSP console; they also need permissions to add apps to the App Repository. These two prerequisites reduce the chance of someone exploiting
Remote Access Plus for remote work
Due to the recent outbreak of COVID-19, most global enterprises are adopting work from home policies. Organizations may extend their remote work operations well into the future to keep their employees safe. This is the new normal for IT administrators, who now have to work around the clock to monitor all of their enterprise’s endpoints remotely. The go-to solution for IT technicians is ManageEngine Remote Access Plus, which can help you adapt to remote work culture. Benefits of having this remote
Fix for Security Issue in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has fixed an arbitrary file upload vulnerability which would have otherwise allowed users with malicious intent to upload any file without validation using the log upload functionality. The security fix is available in build #92684 and above. You can download the latest build from here. For any queries or assistance, please reach to our support team at msp-mdm-support@manageengine.com. Follow #mdm-security for all security related updates in Mobile Device Manager Plus
Fix for Ghostcat Vulnerability (CVE 2020-1938) in Mobile Device Manager Plus MSP
Mobile Device Manager Plus MSP has released a security fix for the recently detected Ghostcat Vulnerability (CVE 2020-1938) which is a file read/inclusion vulnerability detected by Chaitin Tech. This vulnerability can be remotely exploited if the port 8009 is publicly exposed allowing users to read or include files in the webapp directories of Apache Tomcat. The security fix is released in build #92762 and you can download the latest build from here. Follow #security-updates for all security related