CVE-2020-12116

Path Traversal vulnerability

Vulnerability Details
Impact CVSS V3 rating: NA
Reported 22th April 2020
Reported by R.J. McDown, an independent security researcher
Fixed 29th April 2020
Affected Builds → Builds till 124195
→ Builds 125000 - 125124
Fixed in Builds 124196/125125
Overview Path Traversal vulnerability in URLs starting with <cachestart>
Recommended Fix → For builds till 124195, please upgrade to OpManager Version 12.4.196 or above.

→ For Builds 12.5.000 - 12.5.124, please upgrade to OpManager Version 12.5.125.

 

Description

A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.

We recommend that you upgrade to OpManager Version 12.4.196 / OpManager Version 12.5.125 (for builds 125000 - 125124) or contact our support team at opmanager-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-12116 from the CVE dictionary.

Need Help?

For clarification or corrections, please contact our support team or email us at opmanager-support@manageengine.com.

Video Zone
OpManager Customer Videos
Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  
  •  IT Admin from "Royal flying doctor service", Australia
     Jonathan ManageEngine Customer
  •  Michael - Network & Tech, ManageEngine Customer
     Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  •  David Tremont, Associate Directory of Infrastructure,USA
     Todd Haverstock Administrative Director
  •  Donald Stewart, IT Manager from Crest Industries
     John Rosser, MIS Manager - Yale Chase Equipment & Services
 Pricing  Get Quote