This document will explain you about the Vulnerability, which allows unauthorized users creating administrator account on Endpoint Central MSP. You can find more details on its impact in Deskop Central MSP, and the steps to be followed to get it fixed.
Vulnerability ID : CVE-2014-7862
Update Released Build : 90109
Update Release Date : Jan 5th 2015
Unauthenticated users were able to create Administrator accounts in Endpoint Central MSP.
This has been identified and fixed, in the Endpoint Central MSP build # 90109. Upgrade to the latest build for this issue to be fixed.
If you are also using ServiceDesk Plus MSP integrated with Endpoint Central MSP, then upgrade your ServiceDesk Plus MSP to build # 9033 or later versions and enable authenticated communication.
Keywords: Endpoint Central MSP Integration, Security Updates, Vulnerabilities and Fixes, Secure Integration, CVE-2014-7862, API Key Generation
Free Edition