Vulnerability por 80-443

Question

Good morning,We have been advised from our head IT dpt. about this vulnerability in our AA360 on premises.Checking Posts and article found this Workaround: For environments that cannot be upgraded to A360.33 on-prem immediately, recommendation is to block incoming HTTP / HTTPS request to the Control Room server for the below Endpoint As our version is Bot agent version 21.240 Automation 360 build 17542We should go tohttp:///v1/proxy/testhttps:///v1/proxy/testSorry, but where to go to disconect it or how to update to version A360.33 Thks & B. Regards

Aaron.Gleason · Accepted Answer

Disconnecting ports 80 and 443 will completely disable the Control Room. Any disconnection must be done at the network level by your network admins. They can filter those ports to the CR’s IP address, but again this will completely disable the Control Room.

If your CR is not available outside your company’s firewall, only internal employees could cause any security breaches. If the CR is available outside your company’s firewall, filtering those ports from outside traffic is a good idea.

Updating your Control Room can be performed using instructions like these:

https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/deployment-planning/on-prem-install/cloud-on-prem-install.html

If you are concerned about how to perform this upgrade, I highly recommend contacting your Automation Anywhere CSM, our Professional Services group, or support at support@automationanywhere.com.

Reply

Sign up

Login to the Pathfinder Community

Scanning file for viruses.

This file cannot be downloaded