ManageEngine OpUtils – Build 123057 Released

1 February 2018
by Joshua Ball

The following vulnerability issues have been fixed in OpUtils:

  • DDI-VRT-2018-02 – Unauthenticated Blind SQL Injection via /servlets/RegisterAgent
  • DDI-VRT-2018-03 – Unauthenticated Blind SQL Injection via /servlets/StatusUpdateServlet and /servlets/AgentActionServlet
  • DDI-VRT-2018-04 – Multiple Unauthenticated Blind SQL Injections via /embedWidget
  • DDI-VRT-2018-05 – Unauthenticated XML External Entity Injection via /SNMPDiscoveryURL
  • DDI-VRT-2018-06 – Unauthenticated Blind SQL Injection via /unauthenticatedservlets/ELARequestHandler and /unauthenticatedservlets/NPMRequestHandler
  • DDI-VRT-2018-07 – User Enumeration via /servlets/ConfServlet.

 

Build Release
Other recent articles in the same category
DataSecurity Plus Build Releases – 2020

6 July 2020

Applications Manager Build Releases – 2020

18 June 2020

Application Control Plus Build Releases – 2020

17 June 2020

Cloud Security Plus Build Releases – 2020

17 June 2020

Mobile Device Manager Plus Build Releases – 2020

16 June 2020

You may be interested in these other recent articles

News index
6 Dec

Last Week’s Best ManageEngine Updates – Part 30

6 December 2023 | Nazim Nadir

ManageEngine is named a strong performer for 2023 in last week updates. There are also new updates to their suite of applications and they have…

Read more
27 Nov

Last Week’s Best ManageEngine Updates – Part 29

27 November 2023 | Nazim Nadir

Exciting news of ManageEngine Linkedin Live webinar has been announced alongside some application updates and the release of a new E-Book. Whether you’re new to…

Read more
30 Oct

Last Week’s Best ManageEngine Updates – Part 28

30 October 2023 | Nazim Nadir

Updates on stability have been made by ManageEngine to enhance your end-user experience with their products. Continue reading to learn which ManageEngine applications gain the…

Read more
OnixS
Manage Engine Technology Partner of the year, 2017-18

Search the site