Vulnerabilities > Connectwise > Screenconnect > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-47256 Improper Authentication vulnerability in Connectwise Automate and Screenconnect
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings
local
low complexity
connectwise CWE-287
5.5
2022-09-28 CVE-2022-36781 Improper Restriction of Excessive Authentication Attempts vulnerability in Connectwise Screenconnect
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration.
network
low complexity
connectwise CWE-307
5.3