Design/Logic Flaw

2019-03-0122:29:00

PRIOn knowledge base

www.prio-n.com

9.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.5%

SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.

CPENameOperatorVersion
orion_platformeq2018.4 hotfix1
orion_platformeq2018.4
orion_platformlt2018.4

Name	Operator	Version
orion_platform	eq	2018.4 hotfix1
orion_platform	eq	2018.4
orion_platform	lt	2018.4

References

github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md

support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability

support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2