# Security Updates - CVE-2018-19403 | ManageEngine OpUtils

## CVE-2018-17283

### Unauthenticated 'oputilsServlet' vulnerability

## Vulnerability Details

| Field | Details |
|---|---|
| Impact | **CVSS V3 rating: 10 (Critical)** |
| Reported | 6 August 2018 |
| Fixed | 7 September 2018 |
| Affected Builds | Till Build 123194 |
| Fixed in | Build 123196 |
| Overview | The 'oputilsServlet' which was previously unauthenticated has now been removed. |
| Recommended Fix | **Upgrade to [OpUtils Version 12.3.329](https://www.manageengine.com/products/oputils/service-packs.html) or above.** |

### Description

The 'oputilsServlet' vulnerability was discovered in OpUtils before version 12.3.196. This unauthenticated 'oputilsServlet' vulnerability was removed since it compromises the application.

We recommend that you [upgrade to OpUtils version 12.3.329](https://www.manageengine.com/products/oputils/service-packs.html) and above to fix this issue.

### Source and Acknowledgements

Find out more about CVE-2018-17283 from the [CVE dictionary](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17283).

### Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/products/oputils/support.html) or email us at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com)