Nessus scan -SolarWinds Dameware Mini Remote Control Unauthenticated RCE
I'm not sure if this question has already been posted. We recently ran a nessus scan and one of the 'critical severity' vulnerabilities is a Dameware MRC RCE.
It says to apply the v12.1 HF3 or later which I did and on the three workstations that has the Dameware app, the vulnerability was remediated.
The problem is it say we have 100+ hosts that has this vulnerability, but we only have three Dameware MRC app installed. Upon connecting to a few machines and installing the 'updated agent' this somehow fixes it.
Aside from remotely connecting to all the remaining hosts individually, is there a better or more efficient way to solve this?
Dameware MRC cve lists 100+hosts as vulnerable, applied the hotfix3 to the workstations that has the Dameware MRC app.
Fixed the three workstations, but 100+hosts still vulnerable unless remotely connected individually to apply 'updated agent'.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community.
More than 150,000 members are here to solve problems, share technology and best practices, and directly
contribute to our product development process.
Learn more today by joining now.