Security Advisory | ManageEngine OpManager

Security Advisory | ManageEngine OpManager


Dear Customer, 

Greetings from ManageEngine OpManager. This is a security advisory mail for Applications Manager Plugin ( APM Plugin ) users.

It came to our notice that previously, a user was able to bypass the username-password requirement and execute arbitrary commands on the server in the APM plugin. This issue has been fixed in the latest version of OpManager.

To know more about the vulnerability, click here

Recommendation:  We highly recommend that you upgrade to the latest version of OpManager to eliminate all possible security vulnerabilities. 

Fix: 

i) If you are using OpManager builds 12.4.046 and below , kindly upgrade to the fixed version:  OpManager 12.4.047  |  Download the latest Service Pack

Affected Version
12.4.046 and below
Fixed Version
12.4.047

ii) If you are using OpManager builds 12.4.050 to 12.4.061, kindly upgrade to the fixed version:  OpManager 12.4.062  |  Download the latest Service Pack

Affected Version
12.4.050 to 12.4.061
Fixed Version
12.4.062

iii) If you are using OpManager builds 12.4.065 to 12.4.069, kindly contact opmanager-support@manageengine.com to receive the fix.

Note: This issue has been fixed in builds 12.4.070 and above.

We reassure that your data is totally intact and remains unbreached. In case you require any further clarification, our support team would be glad to assist you.

Regards,
Security Team,
OpManager








        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products