Skip to main content

A vulnerability exists which could allow a remote attacker access to the Enterprise Server - Kennisbank / ESET Endpoint Encryption - ESET Tech Center

A vulnerability exists which could allow a remote attacker access to the Enterprise Server

Authors list

A serious vulnerability has been discovered which allows a remote attacker access to an Enterprise Server and allows execution of arbitrary commands. This vulnerability can be exploited by any unauthenticated user.

The remote attacker could access or manipulate any database records, including the ability to create a new login with which to access the Enterprise Server console to perform commands.

It is highly recommended that you upgrade immediately to version 2.5.0 or later. If your Enterprise Server is public facing, then you should immediately disable access and use the Enterprise Server locally until it can be upgraded.

Download

Version 2.5.2 of the Enterprise Server can be downloaded here.

Affected Versions

Issue not present 2.3.2 (and earlier)
Issue present 2.3.3 to 2.4.5 (inclusive)
Issue resolved 2.5.0 (and later)

Add a comment

Please log in or register to submit a comment.

Need a password reminder?