Remote Code Execution Vulnerability in SolarWinds Storage Manager
CVE-2015-5371

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Storage Manager
Vendor: CVE Published:; 6 July 2015

What is CVE-2015-5371?

The AuthenticationFilter class in SolarWinds Storage Manager permits remote attackers to upload and execute arbitrary scripts, potentially leading to unauthorized access and control over the affected systems.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-275/

x_refsource_MISC

http://www.securityfocus.com/bid/75515

vdb-entryx_refsource_BID

EPSS Score

83% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 6, 2015
Vulnerability Reserved
Jul 6, 2015

Solarwinds

What is CVE-2015-5371?

References

EPSS Score

Timeline