# Security Updates on Vulnerabilities

## CVE-2014-7862 - "Unauthorized Administrator Account Creation"

This document will explain you about the Vulnerability, which allows unauthorized users creating administrator account on Endpoint Central. You can find more details on its impact in Endpoint Central, and the steps to be followed to get it fixed.

**Vulnerability ID** : CVE-2014-7862  
**Update Released Build** : 90109  
**Update Release Date** : Jan 5th 2015

### What was the Problem?

Unauthenticated users were able to create Administrator accounts in Endpoint Central.

### How do I fix it?

This has been identified and fixed, in the Endpoint Central build **90109**. [Upgrade](https://www.manageengine.com/products/desktop-central/service-packs.html) to the latest build for this issue to be fixed.

If you are also using ServiceDesk Plus, integrated with Endpoint Central then [upgrade](https://www.manageengine.com/products/service-desk/service-packs.html) your ServiceDesk Plus to build **9033 or later versions** and [enable authenticated communincation](https://www.manageengine.com/products/desktop-central/help/configuring_desktop_central/generating_an_authentication_key.html).

**Keywords:** Endpoint Central Integration, Security Updates, Vulnerabilities and Fixes, Secure Integration, CVE-2014-7862, API Key Generation