CVE-2020-12116

Path Traversal vulnerability in URLs starting with <cachestart>

Vulnerability Details
Impact CVSS V3 rating: NA
Reported on 22nd April 2020
Reported by R.J. McDown, an independent security researcher
Fixed on 29th April 2020
Affected Builds → Builds till 124195
→ Build 125000 - 125124
Fixed in Build 124196, 125125
Overview Path Traversal vulnerability in URLs starting with <cachestart>
Recommended Fix

→ For builds upto 124195, please upgrade to Firewall Analyzer version 124196 or above.
→ For Builds 125000 - 125124, please upgrade to Firewall Analyzer version 12.5.125

 

Description 

A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.

We recommend that you upgrade to Firewall Analyzer version 12.4.196 / Firewall Analyzer version 12.5.125 (for builds upto 124195 and buils 125000 to 125124) or contact our support team at fwanalyzer-support@manageengine.com to fix the issue.

Source and Acknowledgements

Find out more about CVE-2020-12116 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at fwanalyzer-support@manageengine.com

A single platter for comprehensive Network Security Device Management