漏洞类别:Local
漏洞等级: 
漏洞信息
OpManager offers network monitoring, physical and virtual server monitoring, flow-based bandwidth analysis, firewall log analysis and archiving, configuration and change management, and IP address and switch port management, thereby providing all the visibility and control that you need over your network.
OpManager is prone to multiple security vulnerabilities including file upload, SQL injection, cross-site scripting and cross-site request forgery.
Affected Versions:
ManageEngine OpManager v12 is affected.
漏洞危害
Depending on the vulnerability being exploited, successful exploitation could allow an authenticated, remote attacker to manipulate SQL queries in the back-end database,execute arbitrary code and conduct XSS or CSRF attacks.
解决方案
Customers are advised to install ManageEngine OpManager 12.1 or later version to fix these vulnerabilities.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论