Skip to main content
Nederlands
Submit a ticket

New to ESET Tech Center? Register for an account

Need a password reminder?

A vulnerability exists which could allow a remote attacker access to the Enterprise Server - Kennisbank / ESET Endpoint Encryption - ESET Tech Center

This Article Category Knowledgebase

A vulnerability exists which could allow a remote attacker access to the Enterprise Server

Authors list
  • Last updated: Jan 23, 2018 by Anish | ESET Nederland

A serious vulnerability has been discovered which allows a remote attacker access to an Enterprise Server and allows execution of arbitrary commands. This vulnerability can be exploited by any unauthenticated user.

The remote attacker could access or manipulate any database records, including the ability to create a new login with which to access the Enterprise Server console to perform commands.

It is highly recommended that you upgrade immediately to version 2.5.0 or later. If your Enterprise Server is public facing, then you should immediately disable access and use the Enterprise Server locally until it can be upgraded.

Download

Version 2.5.2 of the Enterprise Server can be downloaded here.

Affected Versions

Issue not present 2.3.2 (and earlier)
Issue present 2.3.3 to 2.4.5 (inclusive)
Issue resolved 2.5.0 (and later)

Add a comment

Please log in or register to submit a comment.

Need a password reminder?
This Article Category Knowledgebase
Author
Anish | ESET Nederland
Creation date
Jan 23, 2018
Last update
Jan 23, 2018
Publish date
Jan 23, 2018