List of security vulnerabilities fixed in Firewall Analyzer

This page contains a list of all security vulnerabilities fixed in Firewall Analyzer along with its CVE ID and fixed build number. Go to ManageEngine's Security Response Center to report vulnerabilities on ManageEngine products.

CVE ID Synopsis Severity Fixed in version Link to latest build
CVE-2019-17421 Incorrect file permissions on the packaged Nipper executable file Medium 124079/124099 Download
Internal An operator user could access restricted folders bypassing the session. High 123241 Download
CVE-2018-19403 Unauthenticated Remote Code Execution (RCE) vulnerability High 123231 Download

CVE-2018-12997

Incorrect Access Control in FailOverHelperServlet

High 123169 Download

CVE-2018-12998

It allows remote attackers to inject arbitrary web script or HTML Medium 123169 Download

 

A single platter for comprehensive Network Security Device Management