PT-2014-7015 · Manageengine · Social It Plus+2

Published: 2014-12-04 · Updated: 2015-04-15 · CVE-2014-6034

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions

ManageEngine OpManager versions 8.8 through 11.3
Social IT Plus version 11.0
IT360 versions 10.4 and earlier
Description

The issue allows remote attackers or remote authenticated users to write to and execute arbitrary WAR files. This is achieved by exploiting a directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet; the traversal is triggered via a .. (dot dot) in the regionID parameter.
Recommendations

For ManageEngine OpManager versions 8.8 through 11.3, restrict access to the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet to minimize the risk of exploitation.
For Social IT Plus version 11.0, avoid using the regionID parameter in the affected API endpoint until the issue is resolved.
For IT360 versions 10.4 and earlier, consider disabling the FileCollector servlet until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
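As an added example (not part of this advisory and not the vendor's code), the following Python flags access-log requests to the FileCollector servlet whose regionID value carries a .. segment, including single- and double-URL-encoded forms, and shows the base-directory check a server-side fix would need. The log format, the /servlet/ mount point, the fileName parameter and the base directory are assumptions; the log lines are constructed.

```python
import re
from pathlib import Path
from urllib.parse import parse_qs, unquote, urlsplit

# Servlet class named in the advisory; the /servlet/ mount point is an assumption.
FILECOLLECTOR = "com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector"

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [04/Dec/2014:10:00:01 +0000] "GET /servlet/com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector?regionID=us-east&fileName=a.txt HTTP/1.1" 200 12
10.0.0.9 - - [04/Dec/2014:10:00:02 +0000] "POST /servlet/com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector?regionID=..%2F..%2Fsomewhere&fileName=x.war HTTP/1.1" 200 0
10.0.0.9 - - [04/Dec/2014:10:00:03 +0000] "GET /index.do?regionID=../.. HTTP/1.1" 200 512
10.0.0.7 - - [04/Dec/2014:10:00:04 +0000] "GET /servlet/com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector?regionID=..%252F..%252Fx HTTP/1.1" 200 0
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d+)')
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')  # a standalone '..' path segment


def has_traversal(value: str) -> bool:
    """True if the value holds a '..' segment after up to two extra rounds of URL decoding."""
    decoded = unquote(unquote(value))  # parse_qs decoded once already; this catches double encoding
    return bool(TRAVERSAL_RE.search(decoded))


def find_traversal_requests(log_text: str) -> list:
    """Return (client ip, method, regionID as parse_qs saw it) for FileCollector hits with traversal."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["url"])
        if FILECOLLECTOR not in url.path:
            continue  # other endpoints are out of scope for this advisory
        for region in parse_qs(url.query).get("regionID", []):
            if has_traversal(region):
                hits.append((m["ip"], m["method"], region))
    return hits


def resolve_within(base_dir: str, region_id: str):
    """Server-side guard (an assumed fix shape, not the vendor's patch): canonicalise the joined
    path and return None for anything that escapes base_dir, so '..' segments in regionID cannot
    steer a write into a directory where a dropped WAR file would be deployed."""
    base = Path(base_dir).resolve()
    target = (base / unquote(region_id)).resolve()
    return target if base in target.parents else None
```

Run over real access logs, the same check on regionID gives a cheap signal for attempts against all three affected products until a fixed version is available.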

Exploit

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2014-6034
ZDI-15-143

Affected Products

It360
Manageengine Opmanager
Social It Plus