| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: 10 (Critical) |
| Reported | 2 Oct 2018 |
| Fixed | 2 Nov 2018 |
| Affected Builds | Till Build 123221 |
| Fixed in | Build 123222 |
| Overview | SQL injection in Mail server settings |
| Recommended Fix | Upgrade to OpManager Version 12.3.239 or above. |
A SQL injection was discovered in OpManager before version 12.3.222. This SQL vulnerability was via Mail Server settings. We recommend that you upgrade to OpManager Version 12.3.222 or above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2018-18949 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at opmanager-support@manageengine.com.