CVE-2014-7862 - "Unauthorized Administrator Account Creation"

This document will explain you about the Vulnerability, which allows unauthorized users creating administrator account on Endpoint Central. You can find more details on its impact in Endpoint Central, and the steps to be followed to get it fixed.

Vulnerability ID : CVE-2014-7862
Update Released Build : 90109
Update Release Date : Jan 5th 2015


What was the Problem?

Unauthenticated users were able to create Administrator accounts in Endpoint Central.

How do I fix it?

This has been identified and fixed, in the Endpoint Central build # 90109. Upgrade to the latest build for this issue to be fixed.

If you are also using ServiceDesk Plus, integrated with Endpoint Central then upgrade your ServiceDesk Plus to build # 9033 or later versions and enable authenticated communincation.


Keywords: Endpoint Central Integration, Security Updates, Vulnerabilities and Fixes, Secure Integration, CVE-2014-7862, API Key Generation