9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution (RCE).
Chief among them is a JSON deserialization flaw that allows an authenticated user to execute arbitrary code via the test alert actions feature available in the Orion Web Console, which lets users simulate network events (e.g., an unresponsive server) that can be configured to trigger an alert during setup. It has been rated critical in severity.
A second issue concerns a high-risk vulnerability that could be leveraged by an adversary to achieve RCE in the Orion Job Scheduler. βIn order to exploit this, an attacker first needs to know the credentials of an unprivileged local account on the Orion Server,β SolarWinds said in its release notes.
The advisory is light on technical specifics, but the two shortcomings are said to have been reported via Trend Microβs Zero Day Initiative.
Besides the aforementioned two flaws, the update squashes two other bugs, including a high-severity stored cross-site scripting (XSS) vulnerability in the βadd custom tabβ within customize view page (CVE-2020-35856) and a reverse tabnabbing and open redirect vulnerability in the custom menu item options page (CVE-2021-3109), both of which require an Orion administrator account for successful exploitation.
The new update also brings a number of security improvements, with fixes for preventing XSS attacks and enabling UAC protection for Orion database manager, among others.
The latest round of fixes arrives almost two months after the Texas-based company addressed two severe security vulnerabilities impacting Orion Platform (CVE-2021-25274 and CVE-2021-25275), which could have been exploited to achieve remote code execution with elevated privileges.
Orion users are recommended to update to the latest release, βOrion Platform 2020.2.5,β to mitigate the risk associated with the security issues.
Found this article interesting? Follow THN on Facebook, Twitter ο and LinkedIn to read more exclusive content we post.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C