Security Updates - CVE Database
Home » Security Updates » CVE-2019-15016

CVE-2019-15106

User login bypass vulnerability in APM plugin

 

Vulnerability Details
ImpactNA
Reported15 August 2019
Fixed22 August 2019
Affected Builds- Builds till 124061
- 124065 to 124069
Fixed inBuilds 124062 and 124070
OverviewUser login bypass vulnerability in APM plugin
Recommended FixFor builds till 124061: Upgrade to OpManager Plus Version 12.4.062 or above.

For builds 124065 to 124069: Contact our support team (opmanagerplus-support@manageengine.com)

 

Description

A user was able to bypass the username-password requirement and execute arbitrary commands on the server in APM plugin.

We recommend that you upgrade to OpManager Plus Version 12.4.062 or contact our support team at opmanagerplus-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2019-15106 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at opmanagerplus-support@manageengine.com.

Video Zone
OpManager Customer Videos
Michael Senatore, Operations Manager, Rojan Australia Pty Ltd.
  
  •  Venkatesan Veerappan, IT Consultant
     Mohd Jaffer Tawfiq Murtaja, Information Security officer from Al Ain sports club
  •  Jonathan ManageEngine Customer
     IT Admin from "Royal flying doctor service", Australia
  •  Michael Senatore, Operations Manager, Rojan Australia Pty Ltd.
     Michael - Network & Tech, ManageEngine Customer
  •  Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
     Donald Stewart, IT Manager from Crest Industries
  •  John Rosser, MIS Manager - Yale Chase Equipment & Services
     David Tremont, Associate Directory of Infrastructure,USA
Related Products