# CVE-2020-10816

### Unauthenticated remote user is allowed to register Probe servers via AAMRequestProcessor servlet

| Vulnerability Details |  |
|---|---|
| Impact | **CVSS V3 rating:**  |
| Fixed | 3 August 2020 |
| Affected Builds | Till version 14780 |
| Fixed in | Version 14790 and above |
| Overview | Unauthenticated remote user is allowed to register Probe servers via AAMRequestProcessor servlet. |
| **Recommended Fix** | **Upgrade Applications Manager to version 14790 or above.** |

## Description- Security Update - CVE-2020-10816 Database

ManageEngine Applications Manager 14780 and before allow a remote unauthenticated attacker to register Probe servers via AAMRequestProcessor servlet.

We recommend you to upgrade Applications Manager to version 14790 or above to fix this issue.

### Source and Acknowledgements

Find out more about CVE-2020-10816 from [CVE Directory](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10816) and [NIST NVD](https://nvd.nist.gov/vuln/detail/CVE-2020-10816).

**Reported by:**
Luis Alfredo Nunez Rincon - Cybersecurity Researcher

### Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/products/applications_manager/support.html) or email us at [appmanager-support@manageengine.com](mailto:appmanager-support@manageengine.com)