7 matches found
SolarWinds Serv-U vulnerability exploited to deliver Log4j attack
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. SolarWinds is affected by a vulnerability CVE-2021-35247 due to improper input validation when processing LDAP queries in the Serv-U web login screen. Serv-U versions up to 15.2.5 are affected by this flaw and were fixed in...
Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug
Attackers are trying to log in to SolarWinds Serv-U file-sharing software via attacks exploiting the Log4j flaws. This is a confusing story: Initially, Microsoft had warned on Wednesday that attackers were exploiting a previously undisclosed vulnerability in the SolarWinds Serv-U file-sharing...
CVE-2021-35247
creationtimestamp| type| source ---|---|--- 2022-01-20 06:00:50+00:00| exploited| https://t.me/thehackernews/1808 2022-01-20 14:25:36+00:00| seen| https://t.me/truesecator/2540 2022-01-24 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=727 2023-06-14 21:10:04+00:00| seen|...
Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 CVSS score: 5.3, the issue is an "input...
CVE-2021-35247
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...
CVE-2021-35247 Improper Input Validation Vulnerability in Serv-U
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...
CVE-2021-35247 Improper Input Validation Vulnerability in Serv-U
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...