|Impact||CVSS V3 rating: NA|
|Reported||22th April 2020|
|Reported by||R.J. McDown, an independent security researcher|
|Fixed||29th April, 2020|
→ Builds till 124195
→ Builds 125000 - 125124
|Fixed in||Builds 124196/125125|
|Overview||Path Traversal vulnerability in URLs starting with <cachestart>|
Upgrade to NCM Version 12.4.196 or above.
For Builds 12.5.000 - 12.5.124, please upgrade to NCM Version 12.5.125.
A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.
Source and Acknowledgements
Find out more about CVE-2020-12116 from the CVE dictionary.