Vulnerability Details | |
---|---|
Impact | CVSS V3 rating: 10 (Critical) |
Reported | 21st January, 2021 |
Reported by | Johannes Mortiz, an independent Security researcher |
Fixed | 8th February, 2021 |
Affected Builds | Builds 125219 and below |
Fixed in | Builds 125220/125314 |
Overview | Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class. |
Recommended Fix | → For builds 125219 and below, please upgrade to OpManager Plus Version 125220. |
Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class.
We recommend that you upgrade to OpManager Plus Version 125220 or contact our support team at itom-upgrades@manageengine.com to fix this issue.
Source and Acknowledgements
Find out more about CVE-2021-3287 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.