Home » Knowledge Base » Security Update on Vulnerabilities

Remote Command Execution Vulnerability

This document will explain you about the vulnerability reported by Digital Defense Inc., which allows any user who is connected to the same network as that of the machine in which the Patch Manager Plus server is running, to remotely execute commands on the server machine. You can find more details on its impact and the steps to be followed to get it fixed.

What was the Problem?

Any user who is connected to the same network as that of the machine in which the central server is running, can remotely execute commands on the server machine.

How do I fix it?

This has been identified and fixed on 02-Feb-2018. Follow the below steps to apply this fix,

  1. Log in to your web console, click on your current build number on the top right corner.
  2. You can find the latest build applicable to you. Download the PPM and update.
Note: Whenever there is a security fix available, you will be notified in  web console from where you can apply the fix.

 

Keywords: Security Updates, Vulnerabilities and Fixes, Remote Command Execution.

 
Knowledge Base