Who is this article for?
Incydr Professional and Enterprise, yes.
Incydr Basic and Advanced, yes.
CrashPlan Cloud, yes.
Other product plans, yes.
CrashPlan for Small Business, yes.
This article provides advisories about security vulnerabilities in Code42 products. These security vulnerabilities have been submitted to the Mitre Common Vulnerabilities and Exposures (CVE) list.
To protect the security of our customers, we don't publish a security advisory until a vulnerability has been fully investigated and a patch or update is available that resolves the issue.
If you have questions or concerns, contact our Customer Champions for support.
Click the title of the advisory for more information, including affected versions and the version that you should upgrade to in order to resolve the issue.
|CVE ID||Publication date||Title|
|CVE-2020-12736||July 6, 2020||Remote code execution on Code42 servers|
|November 15, 2019||
|CVE-2019-15131||September 16, 2019||Arbitrary file creation on Code42 servers|
|CVE-2019-11551||August 19, 2019||Users can restore files to locations they do not have write access to|
|CVE-2019-11553||July 11, 2019||Privilege Escalation in LoginToken API|
|CVE-2019-11552||July 11, 2019||Untrusted data is executed as System via a PAC file read by CrashPlanService.exe|
|CVE-2018-20131||December 13, 2018||Permissions vulnerability in Code42 app on Linux|
Sign up for email notifications
If you want to be notified when Code42 identifies a security vulnerability, update your email preferences:
- On the Code42 email preferences page, enter your email address.
- Confirm that Common Security and Vulnerability Reports is selected.
If you already receive other Code42 emails, you'll continue to receive them even if you don't select those options. The options you select are added to your current subscriptions.
- Enter required information about your company.
- Click Update preferences.
- Code42: Security