CVE-2020-12116

Path Traversal vulnerability

Vulnerability Details
Impact CVSS V3 rating: NA
Reported 22th April 2020
Reported by R.J. McDown, an independent security researcher
Fixed 29th April 2020
Affected Builds → Builds till 124195
→ Builds 125000 - 125124
Fixed in Builds 124196/125125
Overview Path Traversal vulnerability in URLs starting with <cachestart>
Recommended Fix → For builds till 124195, please upgrade to OpManager Plus Version 12.4.196 or above.

→ For Builds 12.5.000 - 12.5.124, please upgrade to OpManager Plus Version 12.5.125.

 

Description

A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.

We recommend that you upgrade to OpManager Plus Version 12.4.196 / OpManager Plus Version 12.5.125 (for builds 125000 - 125124) or contact our support team at opmanagerplus-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-12116 from the CVE dictionary.

Need Help?

For clarification or corrections, please contact our support team or email us at opmanagerplus-support@manageengine.com.

Video Zone
OpManager Customer Videos
Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  
  •  IT Admin from "Royal flying doctor service", Australia
     Jonathan ManageEngine Customer
  •  Michael - Network & Tech, ManageEngine Customer
     Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  •  David Tremont, Associate Directory of Infrastructure,USA
     Todd Haverstock Administrative Director
  •  Donald Stewart, IT Manager from Crest Industries
     John Rosser, MIS Manager - Yale Chase Equipment & Services
 Pricing  Get Quote