cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Highlighted
Level 7

Nessus scan -SolarWinds Dameware Mini Remote Control Unauthenticated RCE

Good afternoon.

I'm not sure if this question has already been posted. We recently ran a nessus scan and one of the 'critical severity' vulnerabilities is a Dameware MRC RCE.

It says to apply the v12.1 HF3 or later which I did and on the three workstations that has the Dameware app, the vulnerability was remediated.

The problem is it say we have 100+ hosts that has this vulnerability, but we only have three Dameware MRC app installed. Upon connecting to a few machines and installing the 'updated agent' this somehow fixes it.

Aside from remotely connecting to all the remaining hosts individually, is there a better or more efficient way to solve this?

tl;dr

Dameware MRC cve lists 100+hosts as vulnerable, applied the hotfix3 to the workstations that has the Dameware MRC app.

Fixed the three workstations, but 100+hosts still vulnerable unless remotely connected individually to apply 'updated agent'.

TIA!

0 Kudos