Agent Authentication Mechanism Enhancement (CVE-2020-28050)

Previously, the Desktop Central agents were authenticated using a single token for an instance. Now, the agent authentication mechanism has been upgraded so that each specific Desktop Central agent is authenticated using a unique certificate.The vulnerability was reported by Tomasz KuczyƄski.

How do I fix it?

This has been identified and fixed in Desktop Central build 10.0.647. Customers have to upgrade to build 10.0.647 or above to patch this vulnerability.

The following are the steps to enable Client Certificate Authentication to address this vulnerability: Login to the web console and Navigate to Admin > Security Settings > Enable Client Certificate Authentication.

You may also refer to this link for more information.

For any queries, feel free to contact our support team at desktopcentral-support@manageengine.com

    Keywords: Security Updates, Vulnerabilities and Fixes.