Home » Help »

Privilege Escalation vulnerability in Action Log viewer

Privilege Escalation in Action Log viewer

This document explains you how to mitigate the privilege escalation vulnerability in action log viewer reported by Ranjit Pahan.

What was the problem?

Action log viewer data was accessible to unauthorized users due to improper access control.

How was the problem resolved?

Appropriate role access handling has been done for action log view data.

How do I fix it?

This issue has been fixed in Vulnerability Manager Plus build 10.0.708.

To apply this fix, follow the steps below:

  • Log in to your Vulnerability Manager Plus console, click on your current build number on the top right corner.
  • You can find the latest build applicable to you. Download the PPM and update it.
  • Please contact support for further details at vulnerabilitymanagerplus-support@manageengine.com.

 

Keywords: Security Updates, Vulnerabilities and Fixes.