CNNVD-202510-2308 Information

CNNVD ID

CNNVD-202510-2308

Related CVE

CVE-2025-11492

• CNNVD Published: 2025-10-16

Description (Chinese)

ConnectWise Automate Agent是美国ConnectWise公司的一个远程监控与管理软件。 ConnectWise Automate Agent存在安全漏洞，该漏洞源于配置不当允许使用HTTP协议，可能导致中间人攻击者拦截、修改或重放流量。

Description (English)

ConnectWise AutomateAgent is a remote surveillance and management software for ConnectWise in the United States. There is a security loophole in ConectWise Automate Agent, which stems from an inappropriate configuration that permits the use of HTTP agreements and may lead to the interception, modification or re-discharge of traffic by middlemen.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

ConnectWise

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.connectwise.com/company/trust/security-bulletins/connectwise-automate-2025.9-security-fix https://access.redhat.com/security/cve/cve-2025-11492

Patch

https://www.connectwise.com/company/trust/security-bulletins/connectwise-automate-2025.9-security-fix