Manage Engine security advisory - Important security fix released for RMM Central

Manage Engine security advisory - Important security fix released for RMM Central

Greetings from ManageEngine!

 

This is to let you know that a critical security vulnerability issue was detected in RMM Central and it has now been fixed.

 

What is the issue?

It was reported that vulnerable SQL queries was executed in reports when passed for bview  parameter (Business View filter). Any SQL operations could be performed when the query was constructed and passed for this parameter.

 

What should the customer do?

The issue can be fixed by upgrading your ManageEngine RMM Central to build 10.1.23 with monitoring instance to the versions 12.5.629 and above.

 

Please refer this page for more details.

Security Advisory - SQL injection vulnerability

https://www.manageengine.com/remote-monitoring-management/security-advisory-sql-injection-vulnerability.html

 

We continuously strive to take appropriate security measures and adapt to relevant security controls in our products. If you have any questions regarding this issue or need further assistance, feel free to contact us through rmmcentral-support@manageengine.com

 

Thanks and regards,

Security Team,

RMM Central

 


                New to ADSelfService Plus?