| Vulnerability Details | |
|---|---|
| Severity | High |
| Reported | 16 Oct 2021 |
| Reported by | Nam (aka m3) from ECQ |
| Fixed | 28-Oct-2021 |
| Affected Builds |
-Builds 125482 to 125487 -Builds 125458 to 125472 -Buillds 125456 and below |
| Fixed in |
-Build 125488 -Build 125473 |
| Overview | There was a command injection vulnerability in the ipaddress/hostname field of the ping functionality. |
| Recommended Fix |
For builds below 125456, please upgrade to version 125457 here. For builds 125458 to 125472 and please upgrade to the version 125473 here. For builds 125482 to 125487, please contact NCM support |
Earlier, there was a command injection vulnerability in the ipaddress/hostname field of the ping functionality. This issue has been fixed now.
We recommend that you upgrade to the latest version of Network Configuration Manager or contact NCM support.
Source and Acknowledgements
Find out more about CVE-2021-43319 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at ncm-support@manageengine.com.