CVE-2018-20339

Unauthenticated Remote Code Execution (RCE) vulnerability

 

Vulnerability Details
Impact CVSS V3 rating: 10 (Critical)
Reported 20 Nov 2018
Fixed 20 Dec 2018
Affected Builds Till Build 123238
Fixed in Build 123239
Overview XSS vulnerability in 'Notes' section in Alarms.
Recommended Fix Upgrade to OpManager Version 12.3.239 or above.

 

Description

A XSS vulnerability was discovered in OpManager before version 12.3.239. This vulnerability affected the 'Notes' column of the 'Alarms' section in OpManager compromising the application.

We recommend that you upgrade to OpManager Version 12.3.239 and above to fix this issue.

Source and Acknowledgements

Find out more about CVE-2018-20339 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at opmanager-support@manageengine.com.

 
 Pricing  Get Quote