| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: NA |
| Reported on | 22nd April 2020 |
| Reported by | R.J. McDown, an independent security researcher |
| Fixed on | 29th April 2020 |
| Affected Builds | → Builds till 124195 → Build 125000 - 125124 |
| Fixed in | Build 124196, 125125 |
| Overview | Path Traversal vulnerability in URLs starting with <cachestart> |
| Recommended Fix |
→ For builds upto 124195, please upgrade to Firewall Analyzer version 124196 or above. |
A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.
We recommend that you upgrade to Firewall Analyzer version 12.4.196 / Firewall Analyzer version 12.5.125 (for builds upto 124195 and buils 125000 to 125124) or contact our support team at fwanalyzer-support@manageengine.com to fix the issue.
Source and Acknowledgements
Find out more about CVE-2020-12116 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at fwanalyzer-support@manageengine.com