# Endpoint Central is vulnerable to CVE-2020-25694

## Is Endpoint Central vulnerable to this CVE?

**Yes**, **Endpoint Central** is vulnerable to **CVE-2020-25694** vulnerability. Read the document fully for further details.

## What was the issue?

If a client application using PostgreSQL establishes multiple database connections without using the security parameters, either an opportunity for a man-in-the-middle attack or the ability to observe clear-text transmissions could exist.

## Why Endpoint Central is vulnerable to this CVE?

**CVE-2020-25694** affects **Endpoint Central** as an old version of **PostgreSQL** is being used.

## Future plan for Upgrade

Since **Endpoint Central** is vulnerable to this CVE, it is categorised as high priority, and we'll be upgrading to the latest **PostgreSQL** version at the earliest.