This document will explain you about the vulnerabilities, which allows attackers to execute arbitrary code on the Endpoint Central server. You can find more details on its impact in Endpoint Central MSP, and the steps to be followed to get it fixed.
| Vulnerabilities | Update Released Build | Update Released Date |
|---|---|---|
| CVE-2014-5005, CVE-2014-5006, CVE-2014-5007, CVE-2013-7390 |
90055 | Aug 7th 2014 |
| CVE-2014-9371 | 90066 | Sep 10th 2014 |
| Remote Code Execution on ZohoMeetingAppletInstall.jar | 90128 | Jan 22nd 2015 |
| Remote Code Execution in System tools' execution status update | 91043 | Jul 13th 2015 |
| Remote Code Execution while uploading recorded remote sessions to the server | 91093 | Oct 24th 2015 |
| CVE-2015-82001 & Remote Code Execution in few servlets | 91100 | Dec 12th 2015 |
|
CVE-2017-11346 Remote Code Execution while uploading help desk videos
|
100092 | May 22nd 2017 |
Attackers were able to remotely execute vulnerable arbitrary codes on Endpoint Central MSP server. This might hinder or harm the data or process of Endpoint Central MSP.
This has been identified and fixed, in the Endpoint Central MSP build # 100092. Upgrade to the latest build for these issues to be fixed.
Keywords: Remote Code Execution, Security Updates, Vulnerabilities and Fixes, CVE-2014-5005, CVE-2014-5006, CVE-2014-5007, CVE-2013-7390, CVE-2014-9371, ZohoMeetingAppletInstall.jar
Free Edition