PT-2020-9831 · Connectwise · Connectwise Control

Matt Hamilton

Published

2020-01-23

Updated

2020-01-30

CVE-2019-16515

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions ConnectWise Control version 19.3.25270.7185

Description An issue was discovered where certain HTTP security headers are not used, which could potentially lead to security risks.

Recommendations For ConnectWise Control version 19.3.25270.7185, consider configuring the server to include the missing HTTP security headers to enhance security. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-16515

Affected Products

Connectwise Control

PT-2020-9831 · Connectwise · Connectwise Control

CVE-2019-16515

Related Identifiers

Affected Products

References · 7