N-able and Spring4Shell(CVE-2022-22965)

Update after SWI notice
Updated April 6, 2022

N-able has been closely monitoring details as they’ve emerged around the Spring4Shell vulnerability, which has received quite a bit of attention over the last week. The N-able security team began to investigate any risk that this vulnerability may have to both our on-prem and cloud hosted solutions.  Spring has shared quite a bit of information on this vulnerability, even publishing an early announcement for customers with details being updated regularly. 

N-able recommends partners using N-able Help Desk Manager (HDM) follow SolarWinds recommendation and remove Help Desk Manager from your public (internet-facing) infrastructure. A hotfix is under development for HDM and this announcement will be updated once the hotfix is available for download.

At this time, based upon the information that’s been shared by Spring, we can confirm that no other N-able products are impacted by the vulnerability. 

Our security team will continue to actively monitor for any additional information that’s shared around this vulnerability and share updates as they are available.

Affected Product(s):

Help Desk Manager


Posted April 4, 2022

N-able has been closely monitoring details as they’ve emerged around the Spring4Shell vulnerability, which has received quite a bit of attention over the last week.  The N-able security team began to investigate any risk that this vulnerability may have to both our on-prem and cloud hosted solutions.  Spring has shared quite a bit of information on this vulnerability, even publishing an early announcement for customers with details being updated regularly. 

At this time, based upon the information that’s been shared by Spring, we can confirm that no N-able products are impacted by the vulnerability.  Our security team will continue to actively monitor for any additional information that’s shared around this vulnerability.

This entry was posted in Cove Data Protection, Mail Assure, MSP Anywhere, MSP Mail, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control. Bookmark the permalink.