Fixes to Multiple Vulnerabilities

Fixes to Multiple Vulnerabilities

The following list of vulnerabilities reported by Tomasz KuczyƄski have been fixed in Desktop Central.


S.No


Vulnerability Details

1
Basic authentication in the agent - server communication has been enhanced by Client Certification Authentication.
2
Improper authorization handling in agent data posted to the server has been addressed.
3
Stored XSS vulnerability in the Inventory section has been addressed.
4
Single token per instance for agent authentication has been enhanced with an individual certificate for every agent (CVE-2020-28050).

How do I fix them? 


Please contact our support team at desktopcentral-support@manageengine.com to get the fix details.


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products