Description
# CVE-2021-35215
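SolarWinds Orion Platform ActionPluginBaseView Deserialization of Untrusted Data Remote Code Execution Vulnerability (ZDI-21-1245). The related NVD, ZDI and Nessus records below describe CVE-2021-35215 as an authenticated flaw (CVSS 3.1 base score 8.8, PR:L) in Orion Platform 2020.2.5 that is fixed in 2020.2.6. The 10.0 / 9.8 scores on the aggregate exploit record match the unauthenticated CVE-2021-31474, which is listed in the same cvelist, so triage each CVE on its own score.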
Related
{"id": "4108CF62-7630-555C-8660-0F89BC787A03", "vendorId": null, "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Deserialization of Untrusted Data in Solarwinds Orion Platform", "description": "# CVE-2021-35215\nSolarWinds Orion Platform ActionPluginBaseView ...", "published": "2021-10-23T01:35:42", "modified": "2021-12-15T14:43:16", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "", "reporter": "", "references": [], "cvelist": ["CVE-2021-31474", "CVE-2021-35215"], "immutableFields": [], "lastseen": "2021-12-15T16:11:02", "viewCount": 44, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:1B7EAC94-B37E-4979-A3F3-14C42B528C6B"]}, {"type": "cve", "idList": ["CVE-2021-31474", "CVE-2021-35215"]}, {"type": "nessus", "idList": ["SOLARWINDS_ORION_PLATFORM_2020_2_6.NASL"]}, {"type": "seebug", "idList": ["SSV:99261"]}, {"type": "zdi", "idList": ["ZDI-21-1245", "ZDI-21-602"]}], "rev": 4}, "score": {"value": 5.5, "vector": "NONE"}, "backreferences": {"references": [{"type": 
"attackerkb", "idList": ["AKB:1B7EAC94-B37E-4979-A3F3-14C42B528C6B"]}, {"type": "cve", "idList": ["CVE-2021-31474"]}, {"type": "kitploit", "idList": ["KITPLOIT:3449843613571411531"]}, {"type": "nessus", "idList": ["SOLARWINDS_ORION_PLATFORM_2020_2_6.NASL"]}, {"type": "seebug", "idList": ["SSV:99261"]}, {"type": "threatpost", "idList": ["THREATPOST:99DC4B497599503D640FDFD9A2DC5FA3"]}, {"type": "zdi", "idList": ["ZDI-21-602"]}]}, "exploitation": null, "vulnersScore": 5.5}, "_state": {"dependencies": 1646211810}, "privateArea": 1}
{"seebug": [{"lastseen": "2021-07-24T09:58:55", "description": "", "cvss3": {}, "published": "2021-05-26T00:00:00", "type": "seebug", "title": "SolarWinds Orion \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CVE-2021-31474\uff09", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-31474"], "modified": "2021-05-26T00:00:00", "id": "SSV:99261", "href": "https://www.seebug.org/vuldb/ssvid-99261", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "attackerkb": [{"lastseen": "2021-07-20T20:09:29", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. 
Was ZDI-CAN-12213.\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at June 04, 2021 5:35pm UTC reported:\n\nA writeup and PoC payload is now available at [https://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-solarwinds-orion-deserialization-to-rce-cve-2021-31474-b31a5f168bf0?source=rss-6ac51190917c\u2014\u2014\u20142](<https://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-solarwinds-orion-deserialization-to-rce-cve-2021-31474-b31a5f168bf0?source=rss-6ac51190917c------2>)\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-05-21T00:00:00", "type": "attackerkb", "title": "CVE-2021-31474", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31474"], "modified": "2021-05-27T00:00:00", "id": "AKB:1B7EAC94-B37E-4979-A3F3-14C42B528C6B", "href": "https://attackerkb.com/topics/seV2Dg798u/cve-2021-31474", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2022-05-30T17:33:52", "description": "This vulnerability allows 
remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-20T00:00:00", "type": "zdi", "title": "SolarWinds Network Performance Monitor FromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31474"], "modified": "2022-05-26T00:00:00", "id": "ZDI-21-602", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-602/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-31T22:15:57", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. 
Authentication is required to exploit this vulnerability. The specific flaw exists within the ActionPluginBaseView class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-28T00:00:00", "type": "zdi", "title": "SolarWinds Orion Platform ActionPluginBaseView Deserialization of Untrusted Data Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35215"], "modified": "2021-10-28T00:00:00", "id": "ZDI-21-1245", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:03:18", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. 
The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12213.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-21T15:15:00", "type": "cve", "title": "CVE-2021-31474", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31474"], "modified": "2021-06-07T16:03:00", "cpe": [], "id": "CVE-2021-31474", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31474", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T18:48:32", "description": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. 
Authentication is required to exploit this vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-01T15:15:00", "type": "cve", "title": "CVE-2021-35215", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35215"], "modified": "2021-11-03T20:23:00", "cpe": ["cpe:/a:solarwinds:orion_platform:2020.2.5"], "id": "CVE-2021-35215", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35215", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:solarwinds:orion_platform:2020.2.5:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2022-05-12T19:13:07", "description": "The version of SolarWinds Orion Platform installed on the remote host is prior to 2020.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the orion_platform_2020_2_6 advisory.\n\n - An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. 
Authentication is required to exploit the vulnerability. (CVE-2021-35213)\n\n - Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability. (CVE-2021-35215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-35213", "CVE-2021-35215"], "modified": "2021-12-30T00:00:00", "cpe": ["cpe:/a:solarwinds:orion_platform"], "id": "SOLARWINDS_ORION_PLATFORM_2020_2_6.NASL", "href": "https://www.tenable.com/plugins/nessus/155442", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155442);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\"CVE-2021-35213\", \"CVE-2021-35215\");\n script_xref(name:\"IAVA\", value:\"2021-A-0477-S\");\n\n script_name(english:\"SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of SolarWinds Orion Platform installed on the remote host is prior to 2020.2.6. It is, therefore, affected\nby multiple vulnerabilities as referenced in the orion_platform_2020_2_6 advisory.\n\n - An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion\n Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this\n vulnerability. 
Authentication is required to exploit the vulnerability. (CVE-2021-35213)\n\n - Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version\n 2020.2.5. Authentication is required to exploit this vulnerability. (CVE-2021-35215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f2d8616f\");\n # https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f74c2dd\");\n script_set_attribute(attribute:\"solution\", value:\n\"\");\n script_set_attribute(attribute:\"agent\", value:\"windows\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-35213\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:solarwinds:orion_platform\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"solarwinds_orion_npm_detect.nasl\", \"solarwinds_orion_installed.nbin\");\n script_require_keys(\"installed_sw/SolarWinds Orion Core\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvcf::solarwinds_orion::initialize();\nvar app_info = vcf::solarwinds_orion::combined_get_app_info();\n\nvar constraints = [\n { 'min_version' : '2020.2.0', 'max_version' : '2020.2.5', 'fixed_version' : '2020.2.6' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}]}