An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HConnectwise Control
APPConnectwise19.3.25270.7185
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References
Related vulnerabilities
CVE-2023-25718CRITICAL9.8ten sam produkt
In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signe...
CVE-2019-16517CRITICAL9.8ten sam produkt
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a C...
CVE-2023-25719HIGH8.8ten sam produkt
ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parame...
CVE-2019-16514HIGH7.2ten sam produkt
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server a...
CVE-2019-16516MEDIUM5.3ten sam produkt
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a u...