Vulnerabilites related to solarwinds - orion_platform
cve-2023-23836
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-18 15:48
Severity ?
EPSS score ?
Summary
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:42:26.726Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23836", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23836", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T15:48:38.367164Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T15:48:50.165Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.4.1", status: "affected", version: "2022.4.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-14T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.</p>", }, ], value: "SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:09:20.755Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23836", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2023-23836", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2023-01-18T00:00:00.000Z", dateUpdated: "2025-03-18T15:48:50.165Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36958
Vulnerability from cvelistv5
Published
2022-10-20 20:10
Modified
2024-09-16 19:46
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: unspecified < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.213Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958", }, { tags: [ "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.3 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-10-19T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-20T00:00:00", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958", }, { url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible.", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data", workarounds: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36958", datePublished: "2022-10-20T20:10:01.367081Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-16T19:46:10.622Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35221
Vulnerability from cvelistv5
Published
2021-08-31 12:13
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner.", }, ], descriptions: [ { lang: "en", value: "Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T12:13:04", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35221", ], discovery: "EXTERNAL", }, title: "ImportAlert Improper Access Control Tampering Vulnerability", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below: \nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US\n\n\n", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35221", STATE: "PUBLIC", TITLE: "ImportAlert Improper Access Control Tampering Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<=", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35221", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below: \nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US\n\n\n", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35221", datePublished: "2021-08-31T12:13:04", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.282Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38108
Vulnerability from cvelistv5
Published
2022-10-20 20:11
Modified
2024-09-17 01:31
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: unspecified < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:45:52.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108", }, { tags: [ "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.3 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-10-19T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-28T00:00:00", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108", }, { url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531", }, { url: "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible.", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data", workarounds: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n•\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n•\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (© 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n•\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n•\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-38108", datePublished: "2022-10-20T20:11:25.181747Z", dateReserved: "2022-08-09T00:00:00", dateUpdated: "2024-09-17T01:31:27.053Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36957
Vulnerability from cvelistv5
Published
2022-10-20 20:08
Modified
2024-09-16 23:22
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: unspecified < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.186Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957", }, { tags: [ "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.3 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5 and prior versions", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-10-19T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502: Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-20T00:00:00", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957", }, { url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible.", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data", workarounds: [ { lang: "en", value: "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n•\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n•\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (© 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n•\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n•\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36957", datePublished: "2022-10-20T20:08:04.993494Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-16T23:22:11.012Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3109
Vulnerability from cvelistv5
Published
2021-03-26 15:14
Modified
2024-08-03 16:45
Severity ?
EPSS score ?
Summary
The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.solarwinds.com/SuccessCenter/s/ | x_refsource_MISC | |
| https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:45:51.197Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-26T15:14:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-3109", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", refsource: "CONFIRM", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-3109", datePublished: "2021-03-26T15:14:15", dateReserved: "2021-01-07T00:00:00", dateUpdated: "2024-08-03T16:45:51.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12863
Vulnerability from cvelistv5
Published
2020-02-25 16:52
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:32:55.522Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-25T16:52:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { tags: [ "x_refsource_MISC", ], url: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12863", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/network-performance-monitor", refsource: "MISC", url: "https://www.solarwinds.com/network-performance-monitor", }, { name: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", refsource: "MISC", url: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12863", datePublished: "2020-02-25T16:52:09", dateReserved: "2019-06-16T00:00:00", dateUpdated: "2024-08-04T23:32:55.522Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47509
Vulnerability from cvelistv5
Published
2023-04-21 00:00
Modified
2025-02-04 21:11
Severity ?
EPSS score ?
Summary
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2023.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.382Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47509", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47509", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T21:09:25.484974Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T21:11:36.903Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2023.2", status: "affected", version: "2023.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Juampa Rodriguez (@UnD3sc0n0c1d0) for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-04-16T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.</p>", }, ], value: "The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:05:48.322Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47509", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Incorrect Input Neutralization Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47509", datePublished: "2023-04-21T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-02-04T21:11:36.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35222
Vulnerability from cvelistv5
Published
2021-08-31 12:14
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < 2020.2.6 HF1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.294Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: " SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T12:14:34", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35222", ], discovery: "UNKNOWN", }, title: "Resource.aspx Reflected Cross-Site Scripting Vulnerability", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35222", STATE: "PUBLIC", TITLE: "Resource.aspx Reflected Cross-Site Scripting Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: " SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35222", ], discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35222", datePublished: "2021-08-31T12:14:34", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36963
Vulnerability from cvelistv5
Published
2023-04-21 00:00
Modified
2025-02-05 16:04
Severity ?
EPSS score ?
Summary
The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds Platform Command Injection Vulnerability | SolarWinds Platform |
Version: 2023.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.376Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963", }, { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-36963", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-05T16:04:37.996362Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-05T16:04:58.805Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds Platform Command Injection Vulnerability", versions: [ { lessThanOrEqual: "2023.2", status: "affected", version: "2023.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-04-16T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.</p>", }, ], value: "The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T16:52:32.153Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963", }, { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36963", datePublished: "2023-04-21T00:00:00.000Z", dateReserved: "2022-07-27T00:00:00.000Z", dateUpdated: "2025-02-05T16:04:58.805Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27870
Vulnerability from cvelistv5
Published
2021-02-10 22:15
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-21-066/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:43.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Orion Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2020.2.1", }, ], }, ], credits: [ { lang: "en", value: "Anonymous", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-12T14:01:59", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2020-27870", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_value: "2020.2.1", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: "Anonymous", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2020-27870", datePublished: "2021-02-10T22:15:15", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:43.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47503
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-18 19:13
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions 2022.4.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.197Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47503", }, { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47503", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:13:19.040701Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T19:13:30.988Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2022.4.1 and prior versions 2022.4.1", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-14T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.</p>", }, ], value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T19:56:27.879Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47503", }, { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47503", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-03-18T19:13:30.988Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35213
Vulnerability from cvelistv5
Published
2021-08-31 15:58
Modified
2024-09-16 20:26
Severity ?
EPSS score ?
Summary
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.5 and previous versions < 2020.2.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.227Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.5", status: "affected", version: "2020.2.5 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2021-09-01T00:00:00", descriptions: [ { lang: "en", value: "An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-28T11:06:11", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", }, ], solutions: [ { lang: "en", value: "SolarWinds has identified the fix for this vulnerability and have included it in the Orion Platform version 2020.2.6", }, ], source: { defect: [ "CVE-2021-35213", ], discovery: "UNKNOWN", }, title: "Orion User setting Improper Access Control Privilege Escalation Vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2021-09-01T23:00:00.000Z", ID: "CVE-2021-35213", STATE: "PUBLIC", TITLE: "Orion User setting Improper Access Control Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.5 and previous versions", version_value: "2020.2.5", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", }, ], }, solution: [ { lang: "en", value: "SolarWinds has identified the fix for this vulnerability and have included it in the Orion Platform version 2020.2.6", }, ], source: { defect: [ "CVE-2021-35213", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35213", datePublished: "2021-08-31T15:58:48.612191Z", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-09-16T20:26:26.768Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36962
Vulnerability from cvelistv5
Published
2022-11-29 20:46
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: 2022.3 and prior versions < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.3", status: "affected", version: "2022.3 and prior versions", versionType: "custom", }, ], }, { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5", status: "affected", version: "2020.2.6 HF5 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-11-22T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-29T00:00:00", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962", }, ], solutions: [ { lang: "en", value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4", }, ], source: { discovery: "UNKNOWN", }, title: "SolarWinds Platform Command Injection", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36962", datePublished: "2022-11-29T20:46:18.482036Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-17T00:46:46.575Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17127
Vulnerability from cvelistv5
Published
2020-01-17 17:44
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:17.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-17T17:44:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17127", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", refsource: "CONFIRM", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17127", datePublished: "2020-01-17T17:44:02", dateReserved: "2019-10-04T00:00:00", dateUpdated: "2024-08-05T01:33:17.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9546
Vulnerability from cvelistv5
Published
2019-03-01 22:00
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:54:44.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-03-01T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-18T17:22:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", refsource: "CONFIRM", url: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", refsource: "CONFIRM", url: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", }, { name: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", refsource: "MISC", url: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9546", datePublished: "2019-03-01T22:00:00", dateReserved: "2019-03-01T00:00:00", dateUpdated: "2024-08-04T21:54:44.448Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23845
Vulnerability from cvelistv5
Published
2023-09-13 22:07
Modified
2025-02-27 20:52
Severity ?
EPSS score ?
Summary
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:42:27.044Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23845", }, { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23845", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:51:15.959041Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T20:52:39.866Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThan: "2023.3.1", status: "affected", version: "0", versionType: "2023.3.1", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-07-25T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, ], value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, ], impacts: [ { capecId: "CAPEC-1", descriptions: [ { lang: "en", value: "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-697", description: "CWE-697 Incorrect Comparison", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T17:03:05.656Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23845", }, { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.3.1<br>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.3.1\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Exposed Dangerous Method Vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2023-23845", datePublished: "2023-09-13T22:07:47.139Z", dateReserved: "2023-01-18T22:55:27.985Z", dateUpdated: "2025-02-27T20:52:39.866Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47507
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-18 19:12
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.185Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47507", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47507", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:12:01.000891Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T19:12:04.989Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.4.1", status: "affected", version: "2022.4.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-14T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.</p>", }, ], value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:03:46.305Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47507", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47507", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-03-18T19:12:04.989Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35240
Vulnerability from cvelistv5
Published
2021-08-31 15:57
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < 2020.2.6 HF1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.240Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T15:57:21", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35240", ], discovery: "UNKNOWN", }, title: "Stored XSS via Help Server settings", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US\n", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35240", STATE: "PUBLIC", TITLE: "Stored XSS via Help Server settings", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35240", ], discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US\n", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35240", datePublished: "2021-08-31T15:57:21", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.240Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38111
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-19 19:46
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:45:52.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38111", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38111", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T19:46:40.877583Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-19T19:46:50.100Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.4.1", status: "affected", version: "2022.4.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-15T00:00:00.000Z", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-15T00:00:00.000Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38111", }, ], solutions: [ { lang: "en", value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-38111", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2022-08-09T00:00:00.000Z", dateUpdated: "2025-03-19T19:46:50.100Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35219
Vulnerability from cvelistv5
Published
2021-08-31 11:01
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Remote Command Injection ", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T11:01:50", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35219", ], discovery: "EXTERNAL", }, title: "ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35219", STATE: "PUBLIC", TITLE: "ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<=", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Command Injection ", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35219", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35219", datePublished: "2021-08-31T11:01:50", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.192Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27871
Vulnerability from cvelistv5
Published
2021-02-10 22:15
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-21-067/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:43.288Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Orion Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2020.2.1", }, ], }, ], credits: [ { lang: "en", value: "Anonymous", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-12T14:02:28", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2020-27871", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_value: "2020.2.1", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: "Anonymous", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2020-27871", datePublished: "2021-02-10T22:15:16", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:43.288Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35244
Vulnerability from cvelistv5
Published
2021-12-20 20:08
Modified
2024-09-16 22:10
Severity ?
EPSS score ?
Summary
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 HF 2 and previous versions < 2020.2.6 HF 3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.297Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF 3", status: "affected", version: "2020.2.6 HF 2 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "dibs working with Trend Micro's Zero Day Initiative.", }, ], datePublic: "2021-12-20T00:00:00", descriptions: [ { lang: "en", value: "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "https://cwe.mitre.org/data/definitions/1031.html", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-16T18:06:19", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends customers upgrade to the latest version once it becomes generally available.", }, ], source: { defect: [ "CVE-2021-35244", ], discovery: "UNKNOWN", }, title: "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2021-12-20T10:51:00.000Z", ID: "CVE-2021-35244", STATE: "PUBLIC", TITLE: "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 HF 2 and previous versions", version_value: "2020.2.6 HF 3", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "dibs working with Trend Micro's Zero Day Initiative.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "https://cwe.mitre.org/data/definitions/1031.html", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends customers upgrade to the latest version once it becomes generally available.", }, ], source: { defect: [ "CVE-2021-35244", ], discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35244", datePublished: "2021-12-20T20:08:24.786551Z", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-09-16T22:10:26.291Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35248
Vulnerability from cvelistv5
Published
2021-12-20 20:08
Modified
2024-09-16 20:07
Severity ?
EPSS score ?
Summary
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion |
Version: 2020.2.6 HF 2 and previous versions < 2020.2.6 HF 3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Windows", ], product: "Orion", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF 3", status: "affected", version: "2020.2.6 HF 2 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "N/A", }, ], datePublic: "2021-12-19T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.</p>", }, ], value: "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:32:27.141Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available.</p>", }, ], value: "This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available.", }, ], source: { discovery: "EXTERNAL", }, title: "Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:</p><p>https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248</p>", }, ], value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\n\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2021-12-20T11:16:00.000Z", ID: "CVE-2021-35248", STATE: "PUBLIC", TITLE: "Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 HF 2 and previous versions", version_value: "2020.2.6 HF 3", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "N/A", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, ], }, solution: [ { lang: "en", value: "This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available.", }, ], source: { discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35248", datePublished: "2021-12-20T20:08:24.068411Z", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-09-16T20:07:13.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47505
Vulnerability from cvelistv5
Published
2023-04-21 00:00
Modified
2025-02-05 16:01
Severity ?
EPSS score ?
Summary
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2023.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.170Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47505", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-05T16:01:31.866879Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-05T16:01:48.149Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2023.2", status: "affected", version: "2023.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-04-16T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.</p>", }, ], value: "The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:35:12.302Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.2\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Local Privilege Escalation Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47505", datePublished: "2023-04-21T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-02-05T16:01:48.149Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36960
Vulnerability from cvelistv5
Published
2022-11-29 20:43
Modified
2024-09-17 03:03
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: 2022.3 and prior versions < 2022.3 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.333Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960", }, { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThan: "2022.3", status: "affected", version: "2022.3 and prior versions", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5", status: "affected", version: "2020.2.6 HF5 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-11-21T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.</p>", }, ], value: "SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287 Improper Authentication", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:34:08.739Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960", }, { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4", }, ], source: { discovery: "UNKNOWN", }, title: "SolarWinds Platform Improper Input Validation", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36960", datePublished: "2022-11-29T20:43:38.388429Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-17T03:03:25.353Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27258
Vulnerability from cvelistv5
Published
2021-04-14 15:45
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-21-192/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:15.879Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Orion Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2020.2", }, ], }, ], credits: [ { lang: "en", value: "Anonymous", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-14T15:45:58", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2021-27258", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_value: "2020.2", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: "Anonymous", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284: Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2021-27258", datePublished: "2021-04-14T15:45:58", dateReserved: "2021-02-16T00:00:00", dateUpdated: "2024-08-03T20:48:15.879Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36961
Vulnerability from cvelistv5
Published
2022-09-30 16:06
Modified
2024-09-16 20:31
Severity ?
EPSS score ?
Summary
A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2022.2.3 and previous versions < 2022.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.333Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2022.2.3", status: "affected", version: "2022.2.3 and previous versions", versionType: "custom", }, ], }, ], datePublic: "2022-09-27T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.</p>", }, ], value: "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 SQL Injection", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T16:46:36.401Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)", }, ], source: { defect: [ "CVE-2022-36961", ], discovery: "UNKNOWN", }, title: "Orion Platform SQL Injection Privilege Escalation Vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2022-09-28T14:35:00.000Z", ID: "CVE-2022-36961", STATE: "PUBLIC", TITLE: "Orion Platform SQL Injection Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_affected: "<", version_name: "2022.2.3 and previous versions", version_value: "2022.2.3", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-89 SQL Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", refsource: "CONFIRM", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", refsource: "CONFIRM", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", }, ], }, solution: [ { lang: "en", value: "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)", }, ], source: { defect: [ "CVE-2022-36961", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36961", datePublished: "2022-09-30T16:06:10.288797Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-16T20:31:16.687Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35234
Vulnerability from cvelistv5
Published
2021-12-20 20:08
Modified
2024-09-16 18:59
Severity ?
EPSS score ?
Summary
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3 | x_refsource_MISC | |
| https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm | x_refsource_MISC | |
| https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1598/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1596/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1604/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1600/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1601/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1602/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1597/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1599/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1603/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Core |
Version: 2020.2.6 HF 2 and previous versions < 2020.2.6 HF 3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Windows", ], product: "Orion Core", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF 3", status: "affected", version: "2020.2.6 HF 2 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Trend Micro, Zero Day Initiative", }, ], datePublic: "2021-12-19T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.</p>", }, ], value: "Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Exposed Dangerous Method or Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:30:52.441Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The SolarWinds Development Team has created a fix for this vulnerability by revoking permission to non-admin users when running SQL Queries.</p><p>SolarWinds advises its customers to upgrade to the latest version (2020.2.6 HF3) once it becomes generally available.</p>", }, ], value: "The SolarWinds Development Team has created a fix for this vulnerability by revoking permission to non-admin users when running SQL Queries.\n\nSolarWinds advises its customers to upgrade to the latest version (2020.2.6 HF3) once it becomes generally available.", }, ], source: { defect: [ "CVE-2021-35234", ], discovery: "EXTERNAL", }, title: "Exposed Dangerous Functions - Privileged Escalation", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:</p><p>https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Exposed-Dangerous-Functions-Privileged-Escalation-CVE-2021-35234</p>", }, ], value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\n\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Exposed-Dangerous-Functions-Privileged-Escalation-CVE-2021-35234", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2021-12-20T12:52:00.000Z", ID: "CVE-2021-35234", STATE: "PUBLIC", TITLE: "Exposed Dangerous Functions - Privileged Escalation", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Core", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 HF 2 and previous versions", version_value: "2020.2.6 HF 3", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "Trend Micro, Zero Day Initiative", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-749 Exposed Dangerous Method or Function", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", }, ], }, solution: [ { lang: "en", value: "The SolarWinds Development Team has created a fix for this vulnerability by revoking permission to non-admin users when running SQL Queries.SolarWinds advises its customers to upgrade to the latest version (2020.2.6 HF3) once it becomes generally available.", }, ], source: { defect: [ "CVE-2021-35234", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Exposed-Dangerous-Functions-Privileged-Escalation-CVE-2021-35234", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35234", datePublished: "2021-12-20T20:08:25.522543Z", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-09-16T18:59:20.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25275
Vulnerability from cvelistv5
Published
2021-02-03 16:49
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.088Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-03T16:49:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-25275", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", refsource: "MISC", url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25275", datePublished: "2021-02-03T16:49:08", dateReserved: "2021-01-15T00:00:00", dateUpdated: "2024-08-03T19:56:11.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25274
Vulnerability from cvelistv5
Published
2021-02-03 16:49
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.056Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-03T17:04:23", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-25274", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", refsource: "MISC", url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25274", datePublished: "2021-02-03T16:49:26", dateReserved: "2021-01-15T00:00:00", dateUpdated: "2024-08-03T19:56:11.056Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47506
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-18 19:12
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions 2022.4.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47506", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47506", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:12:21.653702Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T19:12:30.042Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2022.4.1 and prior versions 2022.4.1", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-14T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.</p>", }, ], value: "SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T20:01:10.590Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47506", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1.\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Directory Traversal Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47506", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-03-18T19:12:30.042Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12864
Vulnerability from cvelistv5
Published
2020-05-04 13:30
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.solarwinds.com/network-performance-monitor | x_refsource_MISC | |
| https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:32:55.509Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-04T13:30:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { tags: [ "x_refsource_MISC", ], url: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12864", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/network-performance-monitor", refsource: "MISC", url: "https://www.solarwinds.com/network-performance-monitor", }, { name: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", refsource: "MISC", url: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12864", datePublished: "2020-05-04T13:30:46", dateReserved: "2019-06-16T00:00:00", dateUpdated: "2024-08-04T23:32:55.509Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35239
Vulnerability from cvelistv5
Published
2021-08-31 15:56
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < 2020.2.6 HF1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T15:56:08", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35239", ], discovery: "UNKNOWN", }, title: "Stored XSS in Maps text box hyperlink Vulnerability", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35239", STATE: "PUBLIC", TITLE: "Stored XSS in Maps text box hyperlink Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35239", ], discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35239", datePublished: "2021-08-31T15:56:08", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.271Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27277
Vulnerability from cvelistv5
Published
2021-04-22 17:50
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Virtual Infrastructure Monitor |
Version: 2020.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:16.038Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Orion Virtual Infrastructure Monitor", vendor: "SolarWinds", versions: [ { status: "affected", version: "2020.2", }, ], }, ], credits: [ { lang: "en", value: "Harrison Neal", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502: Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T17:50:13", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2021-27277", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Virtual Infrastructure Monitor", version: { version_data: [ { version_value: "2020.2", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: "Harrison Neal", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-502: Deserialization of Untrusted Data", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", }, { name: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", refsource: "MISC", url: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2021-27277", datePublished: "2021-04-22T17:50:13", dateReserved: "2021-02-16T00:00:00", dateUpdated: "2024-08-03T20:48:16.038Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23840
Vulnerability from cvelistv5
Published
2023-09-13 22:07
Modified
2025-02-27 20:52
Severity ?
EPSS score ?
Summary
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:42:26.647Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840", }, { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23840", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:51:17.221429Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T20:52:47.742Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThan: "2023.3.1", status: "affected", version: "0", versionType: "2023.3", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-07-25T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, ], value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, ], impacts: [ { capecId: "CAPEC-1", descriptions: [ { lang: "en", value: "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-697", description: "CWE-697 Incorrect Comparison", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T17:02:22.963Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840", }, { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.3.1<br>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.3.1\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Exposed Dangerous Method Vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2023-23840", datePublished: "2023-09-13T22:07:30.566Z", dateReserved: "2023-01-18T22:55:27.983Z", dateUpdated: "2025-02-27T20:52:47.742Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17125
Vulnerability from cvelistv5
Published
2020-01-17 17:42
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:16.654Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-17T17:42:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17125", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", refsource: "CONFIRM", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17125", datePublished: "2020-01-17T17:42:17", dateReserved: "2019-10-04T00:00:00", dateUpdated: "2024-08-05T01:33:16.654Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36966
Vulnerability from cvelistv5
Published
2022-10-20 20:05
Modified
2024-09-16 18:48
Severity ?
EPSS score ?
Summary
Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.3 and previous < 2022.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36966", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Windows", ], product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThan: "2022.3", status: "affected", version: "2022.3 and previous", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Asim Liaquat", }, ], datePublic: "2022-10-18T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.</p>", }, ], value: "Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Insecure Direct Object Reference Vulnerability: Orion Platform 2020.2.6", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T16:58:36.397Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36966", }, ], source: { discovery: "UNKNOWN", }, title: "Insecure Direct Object Reference Vulnerability: Orion Platform 2020.2.6", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36966", datePublished: "2022-10-20T20:05:35.645255Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-16T18:48:39.156Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10148
Vulnerability from cvelistv5
Published
2020-12-29 21:55
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.solarwinds.com/securityadvisory | x_refsource_CONFIRM | |
| https://kb.cert.org/vuls/id/843464 | third-party-advisory, x_refsource_CERT-VN |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2019.4 HF 5 Version: 2020.2 without hotfix Version: 2020.2 HF 1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:50:57.882Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.kb.cert.org/vuls/id/843464", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.solarwinds.com/securityadvisory", }, { name: "VU#843464", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://kb.cert.org/vuls/id/843464", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "orion_platform", vendor: "solarwinds", versions: [ { status: "affected", version: "2019.4", }, ], }, { cpes: [ "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:-:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "orion_platform", vendor: "solarwinds", versions: [ { status: "affected", version: "2020.2.1", }, ], }, { cpes: [ "cpe:2.3:a:solarwinds:orion_platform:2020.2:hotfix1:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "orion_platform", vendor: "solarwinds", versions: [ { status: "affected", version: "2020.2", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2020-10148", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T19:31:04.550116Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-10148", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-08-01T19:37:49.490Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Orion Platform", vendor: "SolarWinds", versions: [ { status: "affected", version: "2019.4 HF 5", }, { status: "affected", version: "2020.2 without hotfix", }, { status: "affected", version: "2020.2 HF 1", }, ], }, ], datePublic: "2020-12-13T00:00:00", descriptions: [ { lang: "en", value: "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "CWE-288 Authentication Bypass Using an Alternate Path or Channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T21:55:16", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.solarwinds.com/securityadvisory", }, { name: "VU#843464", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://kb.cert.org/vuls/id/843464", }, ], solutions: [ { lang: "en", value: "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)", }, ], source: { discovery: "UNKNOWN", }, title: "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { AKA: "SUNBURST", ASSIGNER: "cert@cert.org", DATE_PUBLIC: "2020-12-13T00:00:00.000Z", ID: "CVE-2020-10148", STATE: "PUBLIC", TITLE: "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_affected: "=", version_name: "2019.4 HF 5", version_value: "2019.4 HF 5", }, { version_affected: "=", version_name: "2020.2 without hotfix", version_value: "2020.2 without hotfix", }, { version_affected: "=", version_name: "2020.2 HF 1", version_value: "2020.2 HF 1", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-288 Authentication Bypass Using an Alternate Path or Channel", }, ], }, ], }, references: { reference_data: [ { name: "https://www.solarwinds.com/securityadvisory", refsource: "CONFIRM", url: "https://www.solarwinds.com/securityadvisory", }, { name: "VU#843464", refsource: "CERT-VN", url: "https://kb.cert.org/vuls/id/843464", }, ], }, solution: [ { lang: "en", value: "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)", }, ], source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2020-10148", datePublished: "2020-12-29T21:55:16.195722Z", dateReserved: "2020-03-05T00:00:00", dateUpdated: "2024-09-16T17:28:03.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35215
Vulnerability from cvelistv5
Published
2021-09-01 14:21
Modified
2024-09-16 19:52
Severity ?
EPSS score ?
Summary
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.5 and previous versions < 2020.2.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.252Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6", status: "affected", version: "2020.2.5 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Jangggggg working with Trend Micro Zero Day Initiative", }, ], datePublic: "2021-07-15T00:00:00", descriptions: [ { lang: "en", value: "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-28T11:06:20", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", }, ], solutions: [ { lang: "en", value: "Customers are advised to update to Orion Platform 2020.2.6 once it becomes available,", }, ], source: { defect: [ "CVE-2021-35215", ], discovery: "UNKNOWN", }, title: "ActionPluginBaseView Deserialization of Untrusted Data RCE", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", DATE_PUBLIC: "2021-07-15T16:08:00.000Z", ID: "CVE-2021-35215", STATE: "PUBLIC", TITLE: "ActionPluginBaseView Deserialization of Untrusted Data RCE", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.5 and previous versions", version_value: "2020.2.6", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "Jangggggg working with Trend Micro Zero Day Initiative", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-502 Deserialization of Untrusted Data", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", }, { name: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", refsource: "MISC", url: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", }, ], }, solution: [ { lang: "en", value: "Customers are advised to update to Orion Platform 2020.2.6 once it becomes available,", }, ], source: { defect: [ "CVE-2021-35215", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35215", datePublished: "2021-09-01T14:21:46.258591Z", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-09-16T19:52:15.792Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35218
Vulnerability from cvelistv5
Published
2021-09-01 14:24
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Patch Manager |
Version: 2020.5 and previous versions < 2020.2.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.326Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Patch Manager ", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6", status: "affected", version: "2020.5 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Jangggggg via Trend Micro Zero Day Initiative", }, ], descriptions: [ { lang: "en", value: "Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-28T11:06:06", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", }, ], solutions: [ { lang: "en", value: "This issue is fixed in the release of the Patch Manager module for Orion Platform version 2020.2.6.", }, ], source: { defect: [ "CVE-2021-35218", "", ], discovery: "EXTERNAL", }, title: "Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35218", STATE: "PUBLIC", TITLE: "Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Patch Manager ", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.5 and previous versions ", version_value: "2020.2.6", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "Jangggggg via Trend Micro Zero Day Initiative", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-502 Deserialization of Untrusted Data", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", }, ], }, solution: [ { lang: "en", value: "This issue is fixed in the release of the Patch Manager module for Orion Platform version 2020.2.6.", }, ], source: { defect: [ "CVE-2021-35218", "", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35218", datePublished: "2021-09-01T14:24:13", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.326Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35220
Vulnerability from cvelistv5
Published
2021-08-31 11:03
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Remote Command Injection ", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-31T11:03:45", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35220", ], discovery: "EXTERNAL", }, title: "EmailWebPage Command Injection RCE", workarounds: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35220", STATE: "PUBLIC", TITLE: "EmailWebPage Command Injection RCE", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<=", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Alex Birnberg of Zymo Security and FireEye for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Command Injection ", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35220", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, ], }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35220", datePublished: "2021-08-31T11:03:45", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.199Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35238
Vulnerability from cvelistv5
Published
2021-09-01 11:02
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.6 and previous versions < 2020.2.6 HF1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.272Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.6 HF1 ", status: "affected", version: "2020.2.6 and previous versions ", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: " SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-02T19:02:44", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, ], solutions: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35238", ], discovery: "UNKNOWN", }, title: "Stored XSS through URL POST parameter in CreateExternalWebsite Vulnerability ", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35238", STATE: "PUBLIC", TITLE: "Stored XSS through URL POST parameter in CreateExternalWebsite Vulnerability ", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "2020.2.6 and previous versions ", version_value: "2020.2.6 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: " SolarWinds would like to thank Kajetan Rostojek for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, ], }, solution: [ { lang: "en", value: "SolarWinds recommends installing 2020.2.6 Hotfix 1 for the Orion Platform as soon as it becomes available. All customers should implement all the recommendations from the Orion Secure Configuration Guide.", }, ], source: { defect: [ "CVE-2021-35238", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35238", datePublished: "2021-09-01T11:02:35", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.272Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28674
Vulnerability from cvelistv5
Published
2021-07-27 15:41
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.
References
| ▼ | URL | Tags |
|---|---|---|
| https://pastebin.com/zFUd2cCj | x_refsource_MISC | |
| https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:47:33.162Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pastebin.com/zFUd2cCj", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-27T15:41:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://pastebin.com/zFUd2cCj", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-28674", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://pastebin.com/zFUd2cCj", refsource: "MISC", url: "https://pastebin.com/zFUd2cCj", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", refsource: "CONFIRM", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28674", datePublished: "2021-07-27T15:41:04", dateReserved: "2021-03-18T00:00:00", dateUpdated: "2024-08-03T21:47:33.162Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-13169
Vulnerability from cvelistv5
Published
2020-09-17 17:40
Modified
2024-08-04 12:11
Severity ?
EPSS score ?
Summary
Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:11:19.323Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-17T17:40:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-13169", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", refsource: "CONFIRM", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-13169", datePublished: "2020-09-17T17:40:15", dateReserved: "2020-05-19T00:00:00", dateUpdated: "2024-08-04T12:11:19.323Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35856
Vulnerability from cvelistv5
Published
2021-03-26 15:17
Modified
2024-08-04 17:16
Severity ?
EPSS score ?
Summary
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.solarwinds.com/SuccessCenter/s/ | x_refsource_MISC | |
| https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:16:12.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-26T15:17:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35856", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.solarwinds.com/SuccessCenter/s/", refsource: "MISC", url: "https://support.solarwinds.com/SuccessCenter/s/", }, { name: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", refsource: "CONFIRM", url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35856", datePublished: "2021-03-26T15:17:14", dateReserved: "2020-12-30T00:00:00", dateUpdated: "2024-08-04T17:16:12.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35212
Vulnerability from cvelistv5
Published
2021-08-31 17:00
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Version: 2020.2.5 and previous versions < 2020.2.5 HF1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:51.205Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThan: "2020.2.5 HF1 ", status: "affected", version: "2020.2.5 and previous versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner. ", }, ], descriptions: [ { lang: "en", value: "An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Blind SQL injection Vulnerability ", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-28T11:06:15", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", }, ], solutions: [ { lang: "en", value: "SolarWinds has identified a fix for this vulnerability and included the fix in Orion Platform 2020.2.5 Hotfix 1 and, In addition, backported the fixes to Orion Platform 2019.4.2 and 2019.2 HF4,respectively. \n", }, ], source: { defect: [ "CVE-2021-35212", ], discovery: "UNKNOWN", }, title: "Blind SQL injection Vulnerability ", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@solarwinds.com", ID: "CVE-2021-35212", STATE: "PUBLIC", TITLE: "Blind SQL injection Vulnerability ", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Orion Platform", version: { version_data: [ { version_affected: "<", version_name: "2020.2.5 and previous versions", version_value: "2020.2.5 HF1 ", }, ], }, }, ], }, vendor_name: "SolarWinds", }, ], }, }, credit: [ { lang: "eng", value: "SolarWinds would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner. ", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Blind SQL injection Vulnerability ", }, ], }, ], }, references: { reference_data: [ { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { name: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", refsource: "MISC", url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { name: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", refsource: "MISC", url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", }, ], }, solution: [ { lang: "en", value: "SolarWinds has identified a fix for this vulnerability and included the fix in Orion Platform 2020.2.5 Hotfix 1 and, In addition, backported the fixes to Orion Platform 2019.4.2 and 2019.2 HF4,respectively. \n", }, ], source: { defect: [ "CVE-2021-35212", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2021-35212", datePublished: "2021-08-31T17:00:15", dateReserved: "2021-06-22T00:00:00", dateUpdated: "2024-08-04T00:33:51.205Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36964
Vulnerability from cvelistv5
Published
2022-11-29 20:47
Modified
2024-09-16 21:57
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SolarWinds | SolarWinds Platform |
Version: 2022.3 and prior versions < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:21:32.335Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.3", status: "affected", version: "2022.3 and prior versions", versionType: "custom", }, ], }, { product: "Orion Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2020.2.6 HF5", status: "affected", version: "2020.2.6 HF5 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2022-11-22T00:00:00", descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-29T00:00:00", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964", }, ], solutions: [ { lang: "en", value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4", }, ], source: { discovery: "UNKNOWN", }, title: "SolarWinds Platform Deserialization of Untrusted Data", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-36964", datePublished: "2022-11-29T20:47:49.978933Z", dateReserved: "2022-07-27T00:00:00", dateUpdated: "2024-09-16T21:57:16.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47504
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-18 19:13
Severity ?
EPSS score ?
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Version: 2022.4.1 and prior versions < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.311Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { tags: [ "x_transferred", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47504", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47504", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:12:43.771078Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T19:13:09.012Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SolarWinds Platform", vendor: "SolarWinds", versions: [ { lessThanOrEqual: "2022.4.1", status: "affected", version: "2022.4.1 and prior versions", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.", }, ], datePublic: "2023-02-14T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.</p>", }, ], value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T19:57:10.379Z", orgId: "49f11609-934d-4621-84e6-e02e032104d6", shortName: "SolarWinds", }, references: [ { url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47504", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1</p>", }, ], value: "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "SolarWinds Platform Deserialization of Untrusted Data Vulnerability", x_generator: { engine: "vulnogram 0.1.0-rc1", }, }, }, cveMetadata: { assignerOrgId: "49f11609-934d-4621-84e6-e02e032104d6", assignerShortName: "SolarWinds", cveId: "CVE-2022-47504", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2022-12-15T00:00:00.000Z", dateUpdated: "2025-03-18T19:13:09.012Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-04-22 18:15
Modified
2024-11-21 05:57
Severity ?
Summary
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed | Release Notes, Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-373/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-373/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2020.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2:*:*:*:*:*:*:*", matchCriteriaId: "B4FD7611-A6BC-47DC-B27F-66E3467C19D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes locales escalar los privilegios en las instalaciones afectadas de SolarWinds Orion Virtual Infrastructure Monitor versión 2020.2. Un atacante primero debe obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. El fallo específico se presenta dentro del servicio WCF OneTimeJobSchedulerEventsService. El problema resulta de una falta de comprobación apropiada de los datos suministrados por el usuario, lo que puede provocar la deserialización de datos que no son de confianza. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar código arbitrario en el contexto de SYSTEM. Era ZDI-CAN-11955", }, ], id: "CVE-2021-27277", lastModified: "2024-11-21T05:57:44.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-22T18:15:08.167", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", }, { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm#Fixed", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-373/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "zdi-disclosures@trendmicro.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-14 16:15
Modified
2024-11-21 05:57
Severity ?
Summary
This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-192/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-192/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2020.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*", matchCriteriaId: "5857C0F0-37C5-4CF6-B921-7D5BFE065EAB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes remotos ejecutar privilegios escalados en las instalaciones afectadas de SolarWinds Orion Platform versión 2020.2. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico se presenta dentro del endpoint SaveUserSetting. El problema es debido a una restricción inapropiada de este endpoint para usuarios sin privilegios. Un atacante puede aprovechar esta vulnerabilidad para escalar los privilegios de sus privilegios de invitado a administrador. Era ZDI-CAN-11903", }, ], id: "CVE-2021-27258", lastModified: "2024-11-21T05:57:42.483", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-14T16:15:13.877", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-192/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-26 16:15
Modified
2024-11-21 06:20
Severity ?
Summary
The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "FF6435D5-647D-4BEE-A066-60F62E63E0DE", versionEndExcluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.", }, { lang: "es", value: "La página de opciones de elementos de menú personalizado en SolarWinds Orion Platform versiones anteriores a 2020.2.5, permite Tabnabbing inverso en el contexto de una cuenta de administrador.", }, ], id: "CVE-2021-3109", lastModified: "2024-11-21T06:20:53.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-26T16:15:12.857", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:32
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], id: "CVE-2022-47503", lastModified: "2024-11-21T07:32:05.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:11.883", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47503", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-04 14:15
Modified
2024-11-21 04:23
Severity ?
Summary
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.solarwinds.com/network-performance-monitor | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/network-performance-monitor | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | netpath | 1.1.4 | |
| solarwinds | network_performance_monitor | 12.4 | |
| solarwinds | orion_platform | 2018.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:netpath:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "F909CC55-E476-4D58-8169-5FE46670AFE6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:network_performance_monitor:12.4:*:*:*:*:*:*:*", matchCriteriaId: "DCF8FA42-503B-4EDE-81B0-AE25A654E623", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix3:*:*:*:*:*:*", matchCriteriaId: "EADD78FC-8E9C-468F-BF35-76D29047898F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.", }, { lang: "es", value: "Orion Platform versión 2018.4 HF3 de SolarWinds (NPM versión 12.4, NetPath versión 1.1.4), es vulnerable a una Filtración de Información, debido al manejo inapropiado de errores con rastros de pila, como es demostrado al detectar una ruta completa en un Error de Servidor Interno 500 mediante el parámetro query de api2/swis/query?lang=en-us&swAlertOnError=false.", }, ], id: "CVE-2019-12864", lastModified: "2024-11-21T04:23:43.863", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-04T14:15:12.763", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/network-performance-monitor", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-17 18:15
Modified
2024-11-21 05:00
Severity ?
Summary
Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "37385F23-D00F-4D1F-9A0B-DEFAD82EFC48", versionEndExcluding: "2020.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).", }, { lang: "es", value: "Una vulnerabilidad de tipo XSS (Cross-Site Scripting) almacenado se presenta en SolarWinds Orion Platform versiones anteriores a 2020.2.1, en varios formularios y páginas. Esta vulnerabilidad puede conllevar a una divulgación de información y a una escalada de privilegios (toma de control de la cuenta de administrador)", }, ], id: "CVE-2020-13169", lastModified: "2024-11-21T05:00:47.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-17T18:15:12.240", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, ], id: "CVE-2022-38111", lastModified: "2024-11-21T07:15:48.900", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:11.763", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38111", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-26 16:15
Modified
2024-11-21 05:28
Severity ?
Summary
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "FF6435D5-647D-4BEE-A066-60F62E63E0DE", versionEndExcluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.", }, { lang: "es", value: "SolarWinds Orion Platform versiones anteriores a 2020.2.5, permite ataques de tipo XSS almacenado por un administrador en la página Customize View.", }, ], id: "CVE-2020-35856", lastModified: "2024-11-21T05:28:19.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-26T16:15:12.343", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-21 20:15
Modified
2024-11-21 07:14
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "813EF4B0-6B36-47B1-9AEE-83040037F7EE", versionEndExcluding: "2023.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.\n\n", }, ], id: "CVE-2022-36963", lastModified: "2024-11-21T07:14:10.000", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-21T20:15:07.087", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-20 21:15
Modified
2024-11-21 06:12
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.", }, { lang: "es", value: "La acción \"Log alert to a file\" dentro de la administración de acciones permite a cualquier usuario de Orion Platform con derechos de administración de alertas de Orion escribir en cualquier archivo. Un atacante con derechos de administración de alertas de Orion podría usar esta vulnerabilidad para llevar a cabo una carga de archivos sin restricciones causando una ejecución de código remota", }, ], id: "CVE-2021-35244", lastModified: "2024-11-21T06:12:08.437", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 8.5, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.3, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-20T21:15:08.110", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-22-375/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-01 15:15
Modified
2024-11-21 06:12
Severity ?
8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.", }, { lang: "es", value: "Se ha detectado una deserialización insegura conllevando a una ejecución de código remota en Orion Platform versión 2020.2.5. Es requerida una autenticación para explotar esta vulnerabilidad", }, ], id: "CVE-2021-35215", lastModified: "2024-11-21T06:12:04.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-01T15:15:08.797", references: [ { source: "psirt@solarwinds.com", tags: [ "Broken Link", ], url: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-20 21:15
Modified
2024-11-21 06:12
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.", }, { lang: "es", value: "Se ha informado de que cualquier usuario de Orion, por ejemplo, las cuentas de invitados pueden consultar la entidad Orion.UserSettings y enumerar los usuarios y su configuración básica", }, ], id: "CVE-2021-35248", lastModified: "2024-11-21T06:12:09.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-20T21:15:08.157", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:46
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], id: "CVE-2023-23836", lastModified: "2024-11-21T07:46:55.403", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:13.007", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23836", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23836", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-13 23:15
Modified
2024-11-21 07:46
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "3B4823C0-B8E7-4896-9096-ABFE5F395F00", versionEndExcluding: "2023.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, { lang: "es", value: "La plataforma SolarWinds era susceptible a la vulnerabilidad de Comparación Incorrecta. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console ejecutar comandos arbitrarios con privilegios de SERVICIO DE RED.", }, ], id: "CVE-2023-23840", lastModified: "2024-11-21T07:46:55.937", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-13T23:15:07.820", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-697", }, ], source: "psirt@solarwinds.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-697", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-29 21:15
Modified
2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.", }, { lang: "es", value: "La plataforma SolarWinds era susceptible a la deserialización de datos no confiables. Esta vulnerabilidad permite que un adversario remoto con acceso válido a SolarWinds Web Console ejecute comandos arbitrarios.", }, ], id: "CVE-2022-36964", lastModified: "2024-11-21T07:14:10.137", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-29T21:15:10.837", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 12:15
Modified
2024-11-21 06:12
Severity ?
8.1 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, { lang: "es", value: "Una vulnerabilidad de Inyección de Comandos en la API de EmailWebPage, que puede conllevar una Ejecución de Código Remota (RCE) desde la página Alerts Settings", }, ], id: "CVE-2021-35220", lastModified: "2024-11-21T06:12:05.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 5.8, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T12:15:07.313", references: [ { source: "psirt@solarwinds.com", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-EmailWebPage-Command-Injection-RCE-CVE-2021-35220?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-01 15:15
Modified
2024-11-21 06:12
Severity ?
8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@solarwinds.com | https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm | Not Applicable, Vendor Advisory | |
| psirt@solarwinds.com | https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218 | Vendor Advisory | |
| psirt@solarwinds.com | https://www.zerodayinitiative.com/advisories/ZDI-21-1248/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm | Not Applicable, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-1248/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server", }, { lang: "es", value: "Una deserialización de Datos no Confiables en el Endpoint de la Consola Web puede conllevar a una ejecución de código remota. Un atacante no autorizado que tenga acceso a la red de la Consola Web de Orion Patch Manager podría potencialmente explotar esto y comprometer el servidor", }, ], id: "CVE-2021-35218", lastModified: "2024-11-21T06:12:05.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-01T15:15:08.910", references: [ { source: "psirt@solarwinds.com", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1248/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-17 18:15
Modified
2024-11-21 04:31
Severity ?
Summary
A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2019.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix1:*:*:*:*:*:*", matchCriteriaId: "A75B40B5-8A31-425B-8EDF-AFBDF554D2CC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.", }, { lang: "es", value: "Se detectó una Reflected Client Side Template Injection (CSTI) con Angular en la plataforma SolarWinds Orion versión 2019.2 HF1 en muchos formularios. Un atacante puede inyectar una expresión de Angular y escapar del sandbox de Angular para lograr un ataque de tipo XSS almacenado.", }, ], id: "CVE-2019-17125", lastModified: "2024-11-21T04:31:44.660", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-17T18:15:13.103", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 23:15
Modified
2024-11-21 05:21
Severity ?
Summary
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-067/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-067/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2020.2.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:*:*:*:*:*:*:*", matchCriteriaId: "774002E1-47D1-4398-A14D-41C1D6D1A1E7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes remotos crear archivos arbitrarios en instalaciones afectadas de SolarWinds Orion Platform versión 2020.2.1. Aunque es requerido una autenticación para explotar esta vulnerabilidad, el mecanismo de autenticación existente puede ser omitido. El fallo específico se presenta dentro del archivo VulnerabilitySettings.aspx. El problema resulta de la falta de comprobación apropiada de una ruta suministrada por el usuario antes de usarla en operaciones de archivo. Un atacante puede explotar esta vulnerabilidad para ejecutar código arbitrario en el contexto de SYSTEM. Era ZDI-CAN-11902", }, ], id: "CVE-2020-27871", lastModified: "2024-11-21T05:21:58.400", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T23:15:12.513", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-067/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-01 22:29
Modified
2024-11-21 04:51
Severity ?
Summary
SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2018.4 | |
| solarwinds | orion_platform | 2018.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "68FFA8C4-E052-4847-AFCE-53955C43BC80", versionEndExcluding: "2018.4", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2018.4:-:*:*:*:*:*:*", matchCriteriaId: "FDC27154-9C76-408C-88DB-5AF764425DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix1:*:*:*:*:*:*", matchCriteriaId: "890F9626-87B8-4933-8E64-59B2F0948A64", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.", }, { lang: "es", value: "SolarWinds Orion Platform, en versiones anteriores a la 2018.4 Hotfix 2, permite el escalado de privilegios mediante el servicio RabbitMQ.", }, ], id: "CVE-2019-9546", lastModified: "2024-11-21T04:51:49.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-01T22:29:00.230", references: [ { source: "cve@mitre.org", url: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-13 23:15
Modified
2024-11-21 07:46
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "3B4823C0-B8E7-4896-9096-ABFE5F395F00", versionEndExcluding: "2023.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.", }, { lang: "es", value: "La plataforma SolarWinds era susceptible a la vulnerabilidad de Comparación Incorrecta. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console ejecutar comandos arbitrarios con privilegios de SERVICIO DE RED.", }, ], id: "CVE-2023-23845", lastModified: "2024-11-21T07:46:56.610", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-13T23:15:08.283", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23845", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-697", }, ], source: "psirt@solarwinds.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-697", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 13:15
Modified
2024-11-21 06:12
Severity ?
6.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.", }, { lang: "es", value: "Una Vulnerabilidad de Manipulación del Control de Acceso Inapropiado usando la función ImportAlert que puede conllevar una Ejecución de Código Remota (RCE) desde la página Alerts Settings", }, ], id: "CVE-2021-35221", lastModified: "2024-11-21T06:12:05.483", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 5.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 4.2, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T13:15:07.163", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ImportAlert-Improper-Access-Control-Tampering-Vulnerability-CVE-2021-35221?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-03 17:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "72CB9F7C-C224-4D39-A33B-08D6BEF97D2F", versionEndExcluding: "2020.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.", }, { lang: "es", value: "El Collector Service en SolarWinds Orion Platform versiones anteriores a 2020.2.4 usa MSMQ (Microsoft Message Queue) y no establece permisos en sus queues privadas. Como resultado, unos clientes no autenticados remotos pueden enviar mensajes hacia el puerto TCP 1801 que el Collector Service procesará. Adicionalmente, al procesar dichos mensajes, el servicio los deserializa de una manera no segura, permitiendo una ejecución de código remota arbitraria como LocalSystem", }, ], id: "CVE-2021-25274", lastModified: "2024-11-21T05:54:39.607", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-03T17:15:16.467", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-20 21:15
Modified
2024-11-21 07:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, { lang: "es", value: "SolarWinds Platform era susceptible a la Deserialización de Datos No Confiables. Esta vulnerabilidad permite a un adversario remoto con acceso a la cuenta de nivel de administrador de Orion a la consola web de SolarWinds ejecutar comandos arbitrarios", }, ], id: "CVE-2022-38108", lastModified: "2024-11-21T07:15:48.630", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-20T21:15:10.147", references: [ { source: "psirt@solarwinds.com", url: "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-29 21:15
Modified
2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.", }, { lang: "es", value: "La plataforma SolarWinds fue susceptible a una validación de entrada incorrecta. Esta vulnerabilidad permite que un adversario remoto con acceso válido a SolarWinds Web Console escale los privilegios del usuario.", }, ], id: "CVE-2022-36960", lastModified: "2024-11-21T07:14:09.587", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-29T21:15:10.693", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-287", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:32
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], id: "CVE-2022-47507", lastModified: "2024-11-21T07:32:06.543", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:12.133", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47507", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47507", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-30 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://pastebin.com/zFUd2cCj | Third Party Advisory | |
| cve@mitre.org | https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pastebin.com/zFUd2cCj | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.", }, { lang: "es", value: "La página de administración de nodos en SolarWinds Orion Platform versiones anteriores a 2020.2.5 HF1, permite a un atacante crear o eliminar un nodo (fuera del perímetro del atacante) por medio de una cuenta con permisos de escritura. Esto ocurre porque los IDs de los nodos son predecibles (con números crecientes) y el control de acceso en Services/NodeManagement.asmx/DeleteObjNow es incorrecto. Para explotar esto, un atacante debe estar autenticado y debe tener derechos de administración de nodos asociados con al menos un grupo válido en la plataforma", }, ], id: "CVE-2021-28674", lastModified: "2024-11-21T06:00:05.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-30T14:15:16.277", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/zFUd2cCj", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/zFUd2cCj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-28674", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 17:15
Modified
2024-11-21 06:12
Severity ?
8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2019.2 | |
| solarwinds | orion_platform | 2019.4 | |
| solarwinds | orion_platform | 2020.2.1 | |
| solarwinds | orion_platform | 2020.2.4 | |
| solarwinds | orion_platform | 2020.2.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2019.2:*:*:*:*:*:*:*", matchCriteriaId: "C65EE900-7208-4A27-816B-F44A60CC7062", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2019.4:*:*:*:*:*:*:*", matchCriteriaId: "E01098F6-563A-416A-90E2-405F58E827C5", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:*:*:*:*:*:*:*", matchCriteriaId: "774002E1-47D1-4398-A14D-41C1D6D1A1E7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.4:*:*:*:*:*:*:*", matchCriteriaId: "6C3F1C70-EA74-4EB0-BEAC-384501830550", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.5:*:*:*:*:*:*:*", matchCriteriaId: "5FEC7902-5903-4366-9301-DD6D6CC39F6D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.", }, { lang: "es", value: "Se ha detectado una Vulnerabilidad de Escalada de Privilegios por inyección SQL en la plataforma Orion, reportada por el Equipo de ZDI. Una inyección SQL booleana ciega que podría conllevar a una lectura y escritura completa sobre el contenido de la base de datos de Orion, incluyendo el certificado de Orion, para cualquier usuario autenticado", }, ], id: "CVE-2021-35212", lastModified: "2024-11-21T06:12:04.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T17:15:07.910", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1243/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-03 17:15
Modified
2024-11-21 05:54
Severity ?
Summary
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "72CB9F7C-C224-4D39-A33B-08D6BEF97D2F", versionEndExcluding: "2020.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.", }, { lang: "es", value: "SolarWinds Orion Platform versiones anteriores a 2020.2.4, tal como la utilizan varios productos SolarWinds, instala y usa un servidor SQL Server y almacena las credenciales de la base de datos para acceder a este servidor en un archivo que pueden leer los usuarios sin privilegios. Como resultado, cualquier usuario que tenga acceso al sistema de archivos puede leer los detalles de inicio de sesión de la base de datos de ese archivo, incluyendo el nombre de inicio de sesión y su contraseña asociada. Luego, las credenciales pueden ser usadas para conseguir acceso del propietario de la base de datos a la base de datos SWNetPerfMon.DB. Esto otorga acceso a los datos recopilados por las aplicaciones de SolarWinds y conlleva a un acceso de administrador a las aplicaciones al insertar o cambiar los datos de autenticación almacenados en la tabla de Cuentas de la base de datos", }, ], id: "CVE-2021-25275", lastModified: "2024-11-21T05:54:39.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-03T17:15:16.513", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-25 17:15
Modified
2024-11-21 04:23
Severity ?
Summary
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | netpath | 1.1.4 | |
| solarwinds | network_performance_monitor | 12.4 | |
| solarwinds | orion_platform | 2018.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:netpath:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "F909CC55-E476-4D58-8169-5FE46670AFE6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:network_performance_monitor:12.4:*:*:*:*:*:*:*", matchCriteriaId: "DCF8FA42-503B-4EDE-81B0-AE25A654E623", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix3:*:*:*:*:*:*", matchCriteriaId: "EADD78FC-8E9C-468F-BF35-76D29047898F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.", }, { lang: "es", value: "SolarWinds Orion Platform versión 2018.4 HF3 (NPM versión 12.4, NetPath versión 1.1.4), permite una inyección HTML Almacenada por los administradores por medio de la pantalla Web Console Settings.", }, ], id: "CVE-2019-12863", lastModified: "2024-11-21T04:23:43.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-25T17:15:11.150", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://www.solarwinds.com/network-performance-monitor", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://www.solarwinds.com/network-performance-monitor", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-20 21:15
Modified
2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@solarwinds.com | https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958 | Vendor Advisory | |
| psirt@solarwinds.com | https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.", }, { lang: "es", value: "SolarWinds Platform era susceptible a una Deserialización de Datos No Confiables. Esta vulnerabilidad permite a un adversario remoto con acceso válido a la consola web de SolarWinds ejecutar comandos arbitrarios", }, ], id: "CVE-2022-36958", lastModified: "2024-11-21T07:14:09.453", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-20T21:15:09.990", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-29 22:15
Modified
2025-03-17 19:36
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | https://kb.cert.org/vuls/id/843464 | Third Party Advisory, US Government Resource | |
| cret@cert.org | https://www.solarwinds.com/securityadvisory | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.cert.org/vuls/id/843464 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/843464 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/securityadvisory | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2019.4 | |
| solarwinds | orion_platform | 2020.2 | |
| solarwinds | orion_platform | 2020.2.1 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SolarWinds Orion Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*", matchCriteriaId: "28A11AD1-B244-4725-90ED-0E656872004F", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*", matchCriteriaId: "5857C0F0-37C5-4CF6-B921-7D5BFE065EAB", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1:*:*:*:*:*:*", matchCriteriaId: "60F65C7E-90D6-4BB5-BA76-593CD5786C95", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.", }, { lang: "es", value: "La API Orion de SolarWinds es vulnerable a una omisión de autenticación que podría permitir a un atacante remoto ejecutar comandos de la API. Esta vulnerabilidad podría permitir a un atacante remoto omitir la autenticación y ejecutar comandos de la API, lo que puede resultar en un compromiso de la instancia de SolarWinds. Las versiones 2019.4 HF 5, 2020.2 de SolarWinds Orion Platform sin revisión instalada y 2020.2 HF 1 están afectadas", }, ], id: "CVE-2020-10148", lastModified: "2025-03-17T19:36:06.263", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-12-29T22:15:12.327", references: [ { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/843464", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/securityadvisory", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/843464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/843464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/securityadvisory", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-21 20:15
Modified
2024-11-21 07:32
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "813EF4B0-6B36-47B1-9AEE-83040037F7EE", versionEndExcluding: "2023.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.\n\n", }, ], id: "CVE-2022-47509", lastModified: "2024-11-21T07:32:06.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-21T20:15:07.247", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47509", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:32
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.\n\n", }, ], id: "CVE-2022-47506", lastModified: "2024-11-21T07:32:06.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:12.050", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47506", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 12:15
Modified
2024-11-21 06:12
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.", }, { lang: "es", value: "Una Vulnerabilidad de Divulgación de Información de Lectura Arbitraria de Archivos en ExportToPdfCmd, mediante la función ImportAlert en la página Alerts Settings", }, ], id: "CVE-2021-35219", lastModified: "2024-11-21T06:12:05.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 4, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T12:15:07.260", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-29 21:15
Modified
2024-11-21 07:14
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.", }, { lang: "es", value: "La plataforma SolarWinds era susceptible a la Inyección de Comandos. Esta vulnerabilidad permite que un adversario remoto con control total sobre la base de datos de SolarWinds ejecute comandos arbitrarios.", }, ], id: "CVE-2022-36962", lastModified: "2024-11-21T07:14:09.870", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-29T21:15:10.770", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-20 21:15
Modified
2024-11-21 07:14
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.", }, { lang: "es", value: "Los usuarios con derechos de administración de nodos podían ver y editar todos los nodos debido a un control insuficiente del parámetro URL que causaba una vulnerabilidad de referencia directa a objetos insegura (IDOR) en SolarWinds Platform 2022.3 y anteriores", }, ], id: "CVE-2022-36966", lastModified: "2024-11-21T07:14:10.403", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-20T21:15:10.050", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36966", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36966", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-639", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 16:15
Modified
2024-11-21 06:12
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| microsoft | internet_explorer | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", matchCriteriaId: "C37BA825-679F-4257-9F2B-CE2318B75396", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.", }, { lang: "es", value: "Un investigador de seguridad almacenó un ataque de tipo XSS por medio de una configuración del Servidor de Ayuda. Esto afecta a clientes usando Internet Explorer, porque no soportan \"rel=noopener\"", }, ], id: "CVE-2021-35240", lastModified: "2024-11-21T06:12:08.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T16:15:07.863", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-20 21:15
Modified
2024-11-21 07:14
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@solarwinds.com | https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957 | Release Notes, Vendor Advisory | |
| psirt@solarwinds.com | https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2022.2 | |
| solarwinds | orion_platform | 2022.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix3:*:*:*:*:*:*", matchCriteriaId: "4A60806A-14DE-4E9D-A55E-6DA128EF7661", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix4:*:*:*:*:*:*", matchCriteriaId: "3E4171F0-1467-431C-A20C-6812045F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix5:*:*:*:*:*:*", matchCriteriaId: "D8F73D48-6F19-44D9-9F3E-B6AEB78946B8", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.2:*:*:*:*:*:*:*", matchCriteriaId: "0A6214D0-6FDD-40F8-9955-CF3D616CB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.3:*:*:*:*:*:*:*", matchCriteriaId: "077EB1C9-5CE5-48D8-9841-D11A2FB41098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.", }, { lang: "es", value: "SolarWinds Platform era susceptible de una Deserialización de Datos No Confiables. Esta vulnerabilidad permite a un adversario remoto con acceso a la cuenta de nivel de administrador de Orion a la Consola Web de SolarWinds ejecutar comandos arbitrarios", }, ], id: "CVE-2022-36957", lastModified: "2024-11-21T07:14:09.290", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-20T21:15:09.917", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 19:15
Modified
2024-11-21 07:32
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2022.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2022.4.1:*:*:*:*:*:*:*", matchCriteriaId: "CDE9CF7A-D280-4DD9-9CCE-1493501A0AF5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.\n\n", }, ], id: "CVE-2022-47504", lastModified: "2024-11-21T07:32:06.043", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-15T19:15:11.963", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47504", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-1_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47504", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 13:15
Modified
2024-11-21 06:12
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", versionEndExcluding: "2020.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes hacerse pasar por usuarios y llevar a cabo acciones arbitrarias que conllevan a una Ejecución de Código Remota (RCE) desde la página Alerts Settings", }, ], id: "CVE-2021-35222", lastModified: "2024-11-21T06:12:05.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.3, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T13:15:07.223", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Resource-aspx-Reflected-Cross-Site-Scripting-Vulnerability-CVE-2021-35222?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 16:15
Modified
2024-11-21 06:12
Severity ?
7.5 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.", }, { lang: "es", value: "Un investigador de seguridad ha detectado que un usuario con derechos de administración de mapas de Orion podía almacenar una vulnerabilidad de tipo XSS mediante un hipervínculo de cuadro de texto", }, ], id: "CVE-2021-35239", lastModified: "2024-11-21T06:12:07.843", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 5.3, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T16:15:07.807", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-in-Maps-text-box-hyperlink-vulnerability-CVE-2021-35239?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 23:15
Modified
2024-11-21 05:21
Severity ?
Summary
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-066/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-066/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2020.2.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:*:*:*:*:*:*:*", matchCriteriaId: "774002E1-47D1-4398-A14D-41C1D6D1A1E7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes remotos divulgar información confidencial sobre instalaciones afectadas de SolarWinds Orion Platform 2020.2.1. Se requiere autenticación para explotar esta vulnerabilidad. El fallo específico se presenta dentro del archivo ExportToPDF.aspx. El problema es debido a la falta de comprobación apropiada de una ruta suministrada por el usuario antes de usarla en operaciones de archivo. Un atacante puede explotar esta vulnerabilidad para divulgar información en el contexto de SYSTEM. Era ZDI-CAN-11917", }, ], id: "CVE-2020-27870", lastModified: "2024-11-21T05:21:58.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T23:15:12.387", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-066/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 16:15
Modified
2024-11-21 06:12
Severity ?
8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.", }, { lang: "es", value: "Se ha detectado una vulnerabilidad de Escalada de Privilegios por Control de Acceso Inapropiado en la configuración de usuario de Orion Platform versión 2020.2.5. Permite a un usuario invitado elevar privilegios a Administrador usando esta vulnerabilidad. Es requerida una autenticación para explotar la vulnerabilidad", }, ], id: "CVE-2021-35213", lastModified: "2024-11-21T06:12:04.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T16:15:07.687", references: [ { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1244/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-30 17:15
Modified
2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "B721D56C-DD6B-4C63-8438-5B888332D9B6", versionEndIncluding: "2022.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.", }, { lang: "es", value: "Un verbo usado en Orion era vulnerable a una inyección de SQL, un atacante autenticado podría aprovechar esto para la escalada de privilegios o una ejecución de código remota", }, ], id: "CVE-2022-36961", lastModified: "2024-11-21T07:14:09.720", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-30T17:15:13.010", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-21 20:15
Modified
2024-11-21 07:32
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "813EF4B0-6B36-47B1-9AEE-83040037F7EE", versionEndExcluding: "2023.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.\n\n", }, ], id: "CVE-2022-47505", lastModified: "2024-11-21T07:32:06.190", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-21T20:15:07.173", references: [ { source: "psirt@solarwinds.com", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-17 18:15
Modified
2024-11-21 04:31
Severity ?
Summary
A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | 2019.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix1:*:*:*:*:*:*", matchCriteriaId: "A75B40B5-8A31-425B-8EDF-AFBDF554D2CC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.", }, { lang: "es", value: "Se detectó una Stored Client Side Template Injection (CSTI) con Angular en SolarWinds Orion Platform versión 2019.2 HF1 en muchos formularios de aplicación. Un atacante puede inyectar una expresión de Angular y escapar del sandbox de Angular para lograr un ataque de tipo XSS almacenado. Esto puede conllevar a una escalada de privilegios.", }, ], id: "CVE-2019-17127", lastModified: "2024-11-21T04:31:44.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-17T18:15:13.197", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/orion-platform", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-20 21:15
Modified
2024-11-21 06:12
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 | |
| solarwinds | orion_platform | 2020.2.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", matchCriteriaId: "D577F745-35B0-44D8-A457-FD00C4FD4F76", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", matchCriteriaId: "884E1621-E848-4769-BEF6-95A87F52A538", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.", }, { lang: "es", value: "Numerosas funciones peligrosas expuestas dentro de Orion Core han permitido la inyección de SQL de sólo lectura conllevando a una escalada de privilegios. Un atacante con bajos privilegios de usuario puede robar los hashes de las contraseñas y la información de las sales de las contraseñas", }, ], id: "CVE-2021-35234", lastModified: "2024-11-21T06:12:07.083", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 6, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-20T21:15:08.057", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { source: "psirt@solarwinds.com", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", }, { source: "psirt@solarwinds.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1596/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1597/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1598/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1599/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1600/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1601/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1602/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1603/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1604/", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-01 12:15
Modified
2024-11-21 06:12
Severity ?
4.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Summary
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| solarwinds | orion_platform | * | |
| solarwinds | orion_platform | 2020.2.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "70E2B14D-F48F-4CA2-8995-17F1FC30E091", versionEndIncluding: "2020.2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", matchCriteriaId: "AD239861-0422-45EE-9A3B-EED4F87F38F7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.", }, { lang: "es", value: "Un usuario con derechos de Administrador de la Plataforma Orion podría almacenar una vulnerabilidad de tipo XSS mediante el parámetro URL POST en el sitio web CreateExternalWebsite", }, ], id: "CVE-2021-35238", lastModified: "2024-11-21T06:12:07.683", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "psirt@solarwinds.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-01T12:15:07.607", references: [ { source: "psirt@solarwinds.com", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "psirt@solarwinds.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "psirt@solarwinds.com", tags: [ "Broken Link", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238", }, ], sourceIdentifier: "psirt@solarwinds.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@solarwinds.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }