Security Updates - CVE Database
Home » Security Updates ยป CVE-2024-36038

XSS vulnerability - CVE-2024-36038

Severity: Medium

CVE ID: CVE-2024-36038


Product name Affected Version(s) Fixed Version(s) Fixed On
OpManager
OpManager Plus
OpManager MSP
Network Configuration Manager
NetFlow Analyzer
Firewall Analyzer		 From version 128234 to 128248 128249 31-05-2024

Details:

The stored XSS vulnerabilities were identified with the configured proxy server from 128234 version.

Impact:

The vulnerability allows users with insufficient privilege to be able to gain access to sensitive information.

Steps to upgrade:

  1. Kindly download the latest upgrade pack from here.
  2. Apply the latest build to your existing product installation as per the upgrade pack instructions provided in the above step.

Source and Acknowledgements

This vulnerability was reported by Muhammed Mekkawy.

Kindly contact our product support team for further details, at the below mentioned email address:

 

 
Related Products
 Pricing  Get Quote
Resources
Company
Training and Support
Connect with us:
     

ManageEngine is a division of Zoho Corp.