Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6
CVE-2021-35244

6.8MEDIUM

Key Information:

Vendor: Solarwinds
Status: Orion Platform
Vendor: CVE Published:; 20 December 2021

Summary

The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.

Affected Version(s)

Orion Platform Windows 2020.2.6 HF 2 and previous versions < 2020.2.6 HF 3

References

https://www.solarwinds.com/trust-center/security-advisori...

x_refsource_MISC

https://documentation.solarwinds.com/en/Success_Center/or...

x_refsource_MISC

https://support.solarwinds.com/SuccessCenter/s/article/Or...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 20, 2021
Vulnerability Reserved
Jun 22, 2021

Credit

dibs working with Trend Micro's Zero Day Initiative.

.