Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-23	CVE-2019-16516	Information Exposure Through Discrepancy vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. network low complexity connectwise CWE-203	5.0
2020-01-23	CVE-2019-16515	Unspecified vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. network low complexity connectwise	6.4
2020-01-23	CVE-2019-16514	Unrestricted Upload of File with Dangerous Type vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. network low complexity connectwise CWE-434	6.5
2020-01-23	CVE-2019-16513	Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. network connectwise CWE-352	6.8
2017-07-31	CVE-2017-11727	Cross-site Scripting vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS. network connectwise CWE-79	4.3
2017-07-31	CVE-2017-11726	Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. network connectwise CWE-352	6.8