# Security Updates - CVE-2020-10541

## CVE-2020-10541

### Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs

## Vulnerability Details

| Vulnerability Details |  |
|---|---|
| Impact | **CVSS V3 rating: NA** |
| Reported | 13th March 2020 |
| Reported by | Jason Nordenstam |
| Fixed | 13th March 2020 |
| Affected Builds | Builds till 124171 |
| Fixed in | Builds 124172 |
| Overview | Remote Code Execution (RCE) vulnerability in Mail Server Settings |
| **Recommended Fix** | **Upgrade to [OpManager Version 12.4.172](https://www.manageengine.com/network-monitoring/service-packs.html?124172) or above.** |

### Description

The obsolete code causing Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs have been removed.

We recommend that you [upgrade to OpManager Version 12.4.172](https://www.manageengine.com/network-monitoring/service-packs.html?124172) or contact our support team at [opmanager-support@manageengine.com](mailto:opmanager-support@manageengine.com) to fix this issue.

**Source and Acknowledgements**

Find out more about CVE-2020-10541 from the [CVE dictionary](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10541).

### Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [opmanager-support@manageengine.com](mailto:opmanager-support@manageengine.com).