{
  "affected": [],
  "aliases": [
    "CVE-2022-47512"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-19T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected",
  "id": "GHSA-rmfc-fg23-373w",
  "modified": "2022-12-27T21:30:21Z",
  "published": "2022-12-19T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47512"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SolarWinds Orion ist eine IT Performance-Monitoring Plattform.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in SolarWinds Orion ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-2389 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2389.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-2389 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2389"
      },
      {
        "category": "external",
        "summary": "SolarWinds Trust Center Security Advisories | CVE-2022-47512 vom 2022-12-21",
        "url": "https://www.solarwinds.com/de/trust-center/security-advisories/cve-2022-47512"
      }
    ],
    "source_lang": "en-US",
    "title": "SolarWinds Orion: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2022-12-21T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:40:27.776+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-2389",
      "initial_release_date": "2022-12-21T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-12-21T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SolarWinds Orion Platform \u003c 2022.4.1",
            "product": {
              "name": "SolarWinds Orion Platform \u003c 2022.4.1",
              "product_id": "T025686",
              "product_identification_helper": {
                "cpe": "cpe:/a:solarwinds:orion_core_services:platform__2022.4.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-47512",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in SolarWinds Orion. Der Fehler besteht, weil vertrauliche Informationen im Klartext in einer Datei gespeichert sind. Ein lokaler Angreifer, der ausdr\u00fccklich Zugriff auf den Anwendungsserver erhalten hat, kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2022-12-21T23:00:00.000+00:00",
      "title": "CVE-2022-47512"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SolarWinds Orion ist eine IT Performance-Monitoring Plattform.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in SolarWinds Orion ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-2389 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2389.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-2389 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2389"
      },
      {
        "category": "external",
        "summary": "SolarWinds Trust Center Security Advisories | CVE-2022-47512 vom 2022-12-21",
        "url": "https://www.solarwinds.com/de/trust-center/security-advisories/cve-2022-47512"
      }
    ],
    "source_lang": "en-US",
    "title": "SolarWinds Orion: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2022-12-21T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:40:27.776+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-2389",
      "initial_release_date": "2022-12-21T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-12-21T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SolarWinds Orion Platform \u003c 2022.4.1",
            "product": {
              "name": "SolarWinds Orion Platform \u003c 2022.4.1",
              "product_id": "T025686",
              "product_identification_helper": {
                "cpe": "cpe:/a:solarwinds:orion_core_services:platform__2022.4.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-47512",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in SolarWinds Orion. Der Fehler besteht, weil vertrauliche Informationen im Klartext in einer Datei gespeichert sind. Ein lokaler Angreifer, der ausdr\u00fccklich Zugriff auf den Anwendungsserver erhalten hat, kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2022-12-21T23:00:00.000+00:00",
      "title": "CVE-2022-47512"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2022-47512",
    "id": "GSD-2022-47512"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-47512"
      ],
      "details": "Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected\n\n",
      "id": "GSD-2022-47512",
      "modified": "2023-12-13T01:19:35.864301Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@solarwinds.com",
        "ID": "CVE-2022-47512",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Hybrid Cloud Observability (HCO)/ SolarWinds Platform",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "SolarWinds   2022.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SolarWinds "
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "SolarWinds would like to thank our Thwack MVP\u0027s for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected\n\n"
          }
        ]
      },
      "generator": {
        "engine": "vulnogram 0.1.0-rc1"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-312",
                "lang": "eng",
                "value": "CWE-312 Cleartext Storage of Sensitive Information"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm",
            "refsource": "MISC",
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm"
          },
          {
            "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512",
            "refsource": "MISC",
            "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSolarWinds has released a Service Release to address this vulnerability in Hybrid Cloud Observability (HCO)/ SolarWinds Platform (2022.4.1) \u003c/p\u003e"
            }
          ],
          "value": "SolarWinds has released a Service Release to address this vulnerability in Hybrid Cloud Observability (HCO)/ SolarWinds Platform (2022.4.1) \n\n"
        }
      ],
      "source": {
        "discovery": "USER"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:solarwinds:solarwinds_platform:2022.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "ID": "CVE-2022-47512"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-312"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm"
            },
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-08-03T21:15Z",
      "publishedDate": "2022-12-19T16:15Z"
    }
  }
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:solarwinds:solarwinds_platform:2022.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "722C6341-A679-4B9E-AD4A-E61377648CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected"
    },
    {
      "lang": "es",
      "value": "La informaci\u00f3n confidencial se almacen\u00f3 en texto plano en un archivo al que puede acceder un usuario con una cuenta local en Hybrid Cloud Observability (HCO)/SolarWinds Platform 2022.4. Ninguna otra versi\u00f3n se ve afectada"
    }
  ],
  "id": "CVE-2022-47512",
  "lastModified": "2024-11-21T07:32:06.990",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "psirt@solarwinds.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-12-19T16:15:11.260",
  "references": [
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4-1_release_notes.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47512"
    }
  ],
  "sourceIdentifier": "psirt@solarwinds.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "psirt@solarwinds.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SolarWinds Platform (anciennement Orion Platform) versions ant\u00e9rieures \u00e0 2022.4.1",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Hybrid Cloud Observability versions ant\u00e9rieures \u00e0 2022.4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Serv-U FTP Server versions ant\u00e9rieures \u00e0 15.3.2",
      "product": {
        "name": "Serv-U",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35252"
    },
    {
      "name": "CVE-2022-47512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47512"
    }
  ],
  "initial_release_date": "2022-12-22T00:00:00",
  "last_revision_date": "2022-12-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-1123",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-12-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Elles permettent \u00e0 un attaquant de provoquer un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds du 15 d\u00e9cembre 2022",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35252"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds du 16 d\u00e9cembre 2022",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47512"
    }
  ]
}