# Security Updates - CVE-2018-19403

## Unauthenticated Remote Code Execution (RCE) vulnerability

## Vulnerability Details

| Field | Details |
|---|---|
| Impact | **CVSS V3 rating: 10 (Critical)** |
| Reported | 20 Nov 2018 |
| Fixed | 11 Dec 2018 |
| Affected Builds | Till Build 123230 |
| Fixed in | Build 123231 |
| Overview | Vulnerability in the unauthenticated remote code execution |
| Recommended Fix | **Upgrade to [OpUtils Version 12.3.231](https://www.manageengine.com/products/oputils/service-packs.html) or above.** |

## Description

A remote code execution issue was discovered in OpUtils before version 12.3.230. The vulnerability can be exploited by unauthenticated users to execute remote code compromising the application as well as the operating system.

We recommend that you [upgrade to OpUtils version 12.3.231](https://www.manageengine.com/products/oputils/service-packs.html) and above to fix this issue.

## Source and Acknowledgements

Find out more about CVE-2018-19403 from the [CVE dictionary](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19403).

## Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/products/oputils/support.html) or email us at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com).