| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: NA |
| Reported | 22th April 2020 |
| Reported by | R.J. McDown, an independent security researcher |
| Fixed | 29th April 2020 |
| Affected Builds | → Builds till 124195 → Builds 125000 - 125124 |
| Fixed in | Builds 124196/125125 |
| Overview | Path Traversal vulnerability in URLs starting with <cachestart> |
| Recommended Fix |
→ For builds till 124195, please upgrade to OpUtils version 12.4.196 or above. → For builds 125000 - 125124, please upgrade to OpUtils version 12.5.125. |
A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.
We recommend that you upgrade to OpUtils version 12.4.196 / OpUtils version 12.5.125 (for builds 125000 - 125124) or contact our support team at oputils-support@manageengine.com to fix this issue.
Source and Acknowledgements
Find out more about CVE-2020-12116 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at oputils-support@manageengine.com