ManageEngine Network Configuration Manager – Build 123057 Released

31 January 2018
by Joshua Ball

Vulnerability fixed

  1. DDI-VRT-2018-02 – Unauthenticated Blind SQL Injection via /servlets/RegisterAgent
  2. DDI-VRT-2018-03 – Unauthenticated Blind SQL Injection via /servlets/StatusUpdateServlet and /servlets/AgentActionServlet
  3. DDI-VRT-2018-04 – Multiple Unauthenticated Blind SQL Injections via /embedWidget
  4. DDI-VRT-2018-05 – Unauthenticated XML External Entity Injection via /SNMPDiscoveryURL
  5. DDI-VRT-2018-06 – Unauthenticated Blind SQL Injection via /unauthenticatedservlets/ELARequestHandler and /unauthenticatedservlets/NPMRequestHandler
  6. DDI-VRT-2018-07 – User Enumeration via /servlets/ConfServlet.

 

Build Release
Other recent articles in the same category
DataSecurity Plus Build Releases – 2020

6 July 2020

Applications Manager Build Releases – 2020

18 June 2020

Application Control Plus Build Releases – 2020

17 June 2020

Cloud Security Plus Build Releases – 2020

17 June 2020

Mobile Device Manager Plus Build Releases – 2020

16 June 2020

You may be interested in these other recent articles

News index
18 Dec

Last Week Best ManageEngine Updates – Part 31

18 December 2023 | Nazim Nadir

Right before Christmas, ManageEngine is giving out their quality of life updates. From ServiceDesk Plus to M365 Manager Plus, you will see plenty of updates…

Read more
6 Dec

Last Week’s Best ManageEngine Updates – Part 30

6 December 2023 | Nazim Nadir

ManageEngine is named a strong performer for 2023 in last week updates. There are also new updates to their suite of applications and they have…

Read more
27 Nov

Last Week’s Best ManageEngine Updates – Part 29

27 November 2023 | Nazim Nadir

Exciting news of ManageEngine Linkedin Live webinar has been announced alongside some application updates and the release of a new E-Book. Whether you’re new to…

Read more
OnixS
Manage Engine Technology Partner of the year, 2017-18

Search the site