File Read/Inclusion Vulnerabilities

This document provides information about the different file read/inclusion vulnerabilities detected in Mobile Device Manager Plus and provides the resolution to secure the server from these vulnerabilities

 

Vulnerability Description CVE ID Fix available in build Fix released on
Read/Inclusion vulnerability using the AJP connector in Apache Tomcat CVE-2020-1938 92762 Mar 5, 2020

Resolution

The fixes for the above mentioned vulnerabilities were released in the build numbers mentioned above. If your MDM server is affected by the vulnerability or is running a version below the build number mentioned, upgrade your Mobile Device Manager Plus server to the appropriate build to resolve the issues.

For more updates on security fixes, follow our Vulnerability Updates forums.