| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: NA |
| Reported | 22th April 2020 |
| Reported by | R.J. McDown, an independent security researcher |
| Fixed | 29th April 2020 |
| Affected Builds | → Builds till 124195 → Builds 125000 - 125124 |
| Fixed in | Builds 124196/125125 |
| Overview | Path Traversal vulnerability in URLs starting with <cachestart> |
| Recommended Fix | → For builds till 124195, please upgrade to OpManager Version 12.4.196 or above. → For Builds 12.5.000 - 12.5.124, please upgrade to OpManager Version 12.5.125. |
A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.
We recommend that you upgrade to OpManager Version 12.4.196 / OpManager Version 12.5.125 (for builds 125000 - 125124) or contact our support team at opmanager-support@manageengine.com to fix this issue.
Source and Acknowledgements
Find out more about CVE-2020-12116 from the CVE dictionary.
For clarification or corrections, please contact our support team or email us at opmanager-support@manageengine.com.