Follow

ConnectWise's Plugin Vulnerability

Issue: Recently, ConnectWise sent a notification of a vulnerability in their plugin to Kaseya’s VSA to their customer base​. 

Workaround: Kaseya has worked with ConnectWise and we have created a small application which mitigates the vulnerability until ConnectWise’s permanent fix which ​they have scheduled for Q1 20​1​8.  

 

NOTE: This is only required for customers who have installed the ConnectWise supplied plugin. If you are not using this plugin OR you are using the Kaseya supplied connector (see part 2 below), it is not required and should not be installed.

 

Part 1: Mitigating the ConnectWise Issue:

Please download the attached .zip file ("VSAAccessControlSentry.zip") and review the README.txt for instructions.

 

Part 2: Switch to Kaseya Supplied Plugin:

Kaseya has its own ConnectWise plug-in available now, that does not suffer from this security vulnerability.  It is available to our mutual customers at no license charge (there is a nominal implementation fee).

If you are interested in using Kaseya’s PSA Connector to ConnectWise, please contact your Kaseya Customer Success Manager and reference the Product SKU: S-ONP-K3-PSA-CONW

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.