| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: 10 (Critical) |
| Reported | 6 August 2018 |
| Fixed | 7 September 2018 |
| Affected Builds | Till Build 123194 |
| Fixed in | Build 123196 |
| Overview | The 'oputilsServlet' which was previously unauthenticated has now been removed. |
| Recommended Fix | Upgrade to OpUtils Version 12.3.329 or above. |
The 'oputilsServlet' vulnerability was discovered in OpUtils before version 12.3.196. This unauthenticated 'oputilsServlet' vulnerability was removed since it compromises the application.
We recommend that you upgrade to OpUtils version 12.3.329 and above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2018-17283 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at oputils-support@manageengine.com