CVE-2018-19403

Unauthenticated Remote Code Execution (RCE) vulnerability

 

Vulnerability Details
Impact CVSS V3 rating: 10 (Critical)
Reported 20 Nov 2018
Fixed 11 Dec 2018
Affected Builds Till Build 123230
Fixed in Build 123231
Overview Vulnerability in the unauthenticated remote code execution
Recommended Fix Upgrade to Network Configuration Manager Version 12.3.231 or above.

 

Description

A remote code execution issue was discovered in Network Configuration Manager before version 12.3.230. The vulnerability can be exploited by unauthenticated users to execute remote code compromising the application as well as the operating system.

We recommend that you upgrade to Network Configuration Manager version 12.3.231 and above to fix this issue.

Source and Acknowledgements

Find out more about CVE-2018-19403 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at ncm-support@manageengine.com.