CVE-2019-15106

User login bypass vulnerability in APM plugin

 

Vulnerability Details
Impact NA
Reported 15 August 2019
Fixed 22 August 2019
Affected Builds - Builds till 124061
- 124065 to 124069
Fixed in Builds 124062 and 124070
Overview User login bypass vulnerability in APM plugin
Recommended Fix For builds till 124061: Upgrade to OpManager Version 12.4.062 or above.

For builds 124065 to 124069: Contact our support team (opmanager-support@manageengine.com)

 

Description

A user was able to bypass the username-password requirement and execute arbitrary commands on the server in APM plugin.

We recommend that you upgrade to OpManager Version 12.4.062 or contact our support team at opmanager-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2019-15106 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at opmanager-support@manageengine.com.

 
 Pricing  Get Quote