Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Connectwise Control 22.8.10013.8329, the login page does not implement HSTS headers therefore not enforcing HTTPS. NOTE: the vendor's position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ConnectWise Automate 安全漏洞
Vulnerability Description
ConnectWise Automate是美国ConnectWise公司的一套基于云的本地IT自动化解决方案。该产品支持内容管理、文件共享、IT资产跟踪和管理等功能。 ConnectWise Automate 22.8.10013.8329版本存在安全漏洞,该漏洞源于登录页面不设置HSTS标头。
CVSS Information
N/A
Vulnerability Type
N/A