CVE-2021-3287

Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class.

Vulnerability Details
Impact CVSS V3 rating: 10 (Critical)
Reported 21st January, 2021
Reported by Johannes Mortiz, an independent Security researcher
Fixed 8th February, 2021
Affected Builds Builds 125219 and below
Fixed in Builds 125220/125314
Overview Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class.
Recommended Fix → For builds 125219 and below, please upgrade to OpManager Version 125220.

 

Description

Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class.

We recommend that you upgrade to OpManager Version 125220 or contact our support team at itom-upgrades@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2021-3287 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.

 
 Pricing  Get Quote