Remote Code Execution Vulnerability in SolarWinds Storage Manager
CVE-2015-5371

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Storage Manager
Vendor: CVE Published:; 6 July 2015

Summary

The AuthenticationFilter class in SolarWinds Storage Manager permits remote attackers to upload and execute arbitrary scripts, potentially leading to unauthorized access and control over the affected systems.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-275/

x_refsource_MISC

http://www.securityfocus.com/bid/75515

vdb-entryx_refsource_BID

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 6, 2015
Vulnerability Reserved
Jul 6, 2015