Security Updates on Vulnerabilities

CVE-2014-7862 - "Unauthorized Administrator Account Creation"

This document will explain you about the Vulnerability, which allows unauthorized users creating administrator account on Desktop Central. You can find more details on its impact in Desktop Central, and the steps to be followed to get it fixed.

Vulnerability ID : CVE-2014-7862
Update Released Build : 90109
Update Release Date : Jan 5th 2015

 

What was the Problem?

Unauthenticated users were able to create Administrator accounts in Desktop Central.

How do I fix it?

This has been identified and fixed, in the Desktop Central build # 90109. Upgrade to the latest build for this issue to be fixed.

If you are also using ServiceDesk Plus, integrated with Desktop Central then upgrade your ServiceDesk Plus to build # 9033 or later versions and enable authenticated communincation.

 

Keywords: Desktop Central Integration, Security Updates, Vulnerabilities and Fixes, Secure Integration, CVE-2014-7862, API Key Generation