Fixes to Multiple Vulnerabilities

Fixes to Multiple Vulnerabilities

The following list of vulnerabilities reported by Tomasz KuczyƄski have been fixed in Desktop Central.


S.No


Vulnerability Details

1
Basic authentication in the agent - server communication has been enhanced by Client Certification Authentication.
2
Improper authorization handling in agent data posted to the server has been addressed.
3
Stored XSS vulnerability in the Inventory section has been addressed.
4
Single token per instance for agent authentication has been enhanced with an individual certificate for every agent (CVE-2020-28050).

How do I fix them? 


Please contact our support team at desktopcentral-support@manageengine.com to get the fix details.

                  New to ADSelfService Plus?