This document addresses an "Insufficient Authentication & Authorization handling" vulnerability (CVE-2021-37414) in Endpoint Central, as reported by Cedric.
There was an endpoint with insufficient access control in the server, which when exploited, could potentially lead to gaining access to the Endpoint Central instance.
This has been identified and fixed in Endpoint Central build 10.0.709 on 23.07.2021. To apply this fix, follow the steps below:
Note: This vulnerability is not applicable to cloud editions of Endpoint Central, Patch Manager Plus and Remote Access Plus.
Please contact support for further details at firstname.lastname@example.org.
Keywords: Security Updates, Vulnerabilities and Fixes.