CVE-2020-11527

Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs

 

Vulnerability Details
Impact CVSS V3 rating: NA
Reported 14th January 2020
Reported by jacky.xing@dbappsecurity.com.cn
Fixed 28th January 2020
Affected Builds Builds till 124180
Fixed in Build 124181
Overview File read vulnerability in Arbitrary file
Recommended Fix Upgrade to OpUtils Version 12.4.181 or above.

 

Description

Previously, the users were able to read the Arbitrary file, which made it vulnerable. This file read vulnerability has been fixed.

We recommend that you upgrade to OpUtils version 12.4.181 or above or contact our support team at oputils-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-11527 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at oputils-support@manageengine.com