Skip to main content

Connectwise

2 CVEs product

Monthly

CVE-2023-23128 MEDIUM This Month

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cors Misconfiguration Information Disclosure Connectwise
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-23127 MEDIUM This Month

In Connectwise Control 22.8.10013.8329, the login page does not implement HSTS headers therefore not enforcing HTTPS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Connectwise
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
EPSS 0% CVSS 6.1
MEDIUM This Month

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cors Misconfiguration Information Disclosure Connectwise
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

In Connectwise Control 22.8.10013.8329, the login page does not implement HSTS headers therefore not enforcing HTTPS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Connectwise
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy