|Reported||15 August 2019|
|Fixed||22 August 2019|
|Affected Builds||- Builds till 124061
- 124065 to 124069
|Fixed in||Builds 124062 and 124070|
|Overview||User login bypass vulnerability in APM plugin|
|Recommended Fix||For builds till 124061: Upgrade to OpManager Plus Version 12.4.062 or above.
For builds 124065 to 124069: Contact our support team (firstname.lastname@example.org)
A user was able to bypass the username-password requirement and execute arbitrary commands on the server in APM plugin.
Source and Acknowledgements
Find out more about CVE-2019-15106 from the CVE dictionary.