Search criteria
60 vulnerabilities found for Orion Platform by SolarWinds
CERTFR-2022-AVI-1123
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform | SolarWinds Platform (anciennement Orion Platform) versions antérieures à 2022.4.1 | ||
| SolarWinds | N/A | Hybrid Cloud Observability versions antérieures à 2022.4.1 | ||
| SolarWinds | Serv-U | Serv-U FTP Server versions antérieures à 15.3.2 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SolarWinds Platform (anciennement Orion Platform) versions ant\u00e9rieures \u00e0 2022.4.1",
"product": {
"name": "Orion Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Hybrid Cloud Observability versions ant\u00e9rieures \u00e0 2022.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Serv-U FTP Server versions ant\u00e9rieures \u00e0 15.3.2",
"product": {
"name": "Serv-U",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35252"
},
{
"name": "CVE-2022-47512",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47512"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-1123",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-12-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Elles permettent \u00e0 un attaquant de provoquer un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds du 15 d\u00e9cembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35252"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds du 16 d\u00e9cembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47512"
}
]
}
CERTFR-2022-AVI-1051
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SolarWinds | N/A | Engineer’s Toolset (ETS) versions antérieures à 2022.4 Desktop | ||
| SolarWinds | Serv-U | Serv-U versions antérieures à 15.3.2 | ||
| SolarWinds | Orion Platform | Orion Platform versions 2020.2.6 HF5 et antérieures | ||
| SolarWinds | Platform | SolarWinds Platform versions antérieures à 2022.4 | ||
| SolarWinds | N/A | Security Event Manager (SEM) versions antérieures à 2022.4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Engineer\u2019s Toolset (ETS) versions ant\u00e9rieures \u00e0 2022.4 Desktop",
"product": {
"name": "N/A",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Serv-U versions ant\u00e9rieures \u00e0 15.3.2",
"product": {
"name": "Serv-U",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Orion Platform versions 2020.2.6 HF5 et ant\u00e9rieures",
"product": {
"name": "Orion Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "SolarWinds Platform versions ant\u00e9rieures \u00e0 2022.4",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Security Event Manager (SEM) versions ant\u00e9rieures \u00e0 2022.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-36964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36964"
},
{
"name": "CVE-2022-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36962"
},
{
"name": "CVE-2022-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38115"
},
{
"name": "CVE-2022-38114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38114"
},
{
"name": "CVE-2022-38113",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38113"
},
{
"name": "CVE-2022-38106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38106"
},
{
"name": "CVE-2022-36960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36960"
},
{
"name": "CVE-2021-35246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35246"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-1051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-11-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-38113 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-38113"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36960 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36960"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-38106 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-38106"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-38114 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-38114"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-38115 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-38115"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36962 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36962"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35246 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35246"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36964 du 22 novembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36964"
}
]
}
CERTFR-2022-AVI-939
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform | Orion Platform versions 2020.2.6 HF5 et antérieures | ||
| SolarWinds | Platform | SolarWinds Platform versions antérieures à 2022.4 RC1 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Orion Platform versions 2020.2.6 HF5 et ant\u00e9rieures",
"product": {
"name": "Orion Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "SolarWinds Platform versions ant\u00e9rieures \u00e0 2022.4 RC1",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-36958",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36958"
},
{
"name": "CVE-2022-36966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36966"
},
{
"name": "CVE-2022-36957",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36957"
},
{
"name": "CVE-2022-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38108"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-939",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur et une ex\u00e9cution de code arbitraire\n\u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-38108 du 19 octobre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-38108"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36966 du 19 octobre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36966"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36957 du 19 octobre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36957"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2022-36958 du 19 octobre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36958"
}
]
}
CERTFR-2022-AVI-864
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SolarWinds | N/A | Hybrid Cloud Observability versions antérieures à 2022.3 | ||
| SolarWinds | Orion Platform | SolarWinds Platform (anciennement Orion Platform) versions antérieures à 2022.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Hybrid Cloud Observability versions ant\u00e9rieures \u00e0 2022.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "SolarWinds Platform (anciennement Orion Platform) versions ant\u00e9rieures \u00e0 2022.3",
"product": {
"name": "Orion Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-36965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36965"
},
{
"name": "CVE-2022-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36961"
},
{
"name": "CVE-2021-35226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35226"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-864",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-09-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds du 28 septembre 2022",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226"
}
]
}
CERTFR-2021-AVI-679
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SolarWinds | Serv-U | Serv-U versions antérieures à 15.2.4 | ||
| SolarWinds | N/A | Patch Manager versions antérieures à 2020.2.6 HF1 | ||
| SolarWinds | Orion Platform | Orion Platform versions antérieures à 2020.2.6 HF1 | ||
| SolarWinds | Web Help Desk | Web Help Desk versions antérieures à 12.7.6 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Serv-U versions ant\u00e9rieures \u00e0 15.2.4",
"product": {
"name": "Serv-U",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Patch Manager versions ant\u00e9rieures \u00e0 2020.2.6 HF1",
"product": {
"name": "N/A",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Orion Platform versions ant\u00e9rieures \u00e0 2020.2.6 HF1",
"product": {
"name": "Orion Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Web Help Desk versions ant\u00e9rieures \u00e0 12.7.6",
"product": {
"name": "Web Help Desk",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [],
"reference": "CERTFR-2021-AVI-679",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-09-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution\nde code arbitraire \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une injection de code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35239 du 15 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35239"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35221 du 15 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35220 du 15 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-32076 du 20 ao\u00fbt 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-32076"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35240 du 20 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35240"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35238 du 20 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35238"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35223 du 20 ao\u00fbt 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35222 du 15 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35217 du 20 ao\u00fbt 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35219 du 15 juillet 2021",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219"
}
]
}
CVE-2022-36964 (GCVE-0-2022-36964)
Vulnerability from cvelistv5 – Published: 2022-11-29 20:47 – Updated: 2025-04-25 14:41
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , ≤ 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36964",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T14:41:05.258353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T14:41:14.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-29T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964"
}
],
"solutions": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36964",
"datePublished": "2022-11-29T20:47:49.978Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-25T14:41:14.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36962 (GCVE-0-2022-36962)
Vulnerability from cvelistv5 – Published: 2022-11-29 20:46 – Updated: 2025-04-25 14:42
VLAI?
Title
SolarWinds Platform Command Injection
Summary
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , ≤ 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36962",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T14:41:52.205145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T14:42:00.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-29T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962"
}
],
"solutions": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Command Injection",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36962",
"datePublished": "2022-11-29T20:46:18.482Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-25T14:42:00.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36960 (GCVE-0-2022-36960)
Vulnerability from cvelistv5 – Published: 2022-11-29 20:43 – Updated: 2025-04-24 17:46
VLAI?
Title
SolarWinds Platform Improper Input Validation
Summary
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
Severity ?
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , < 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960"
},
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T17:46:32.884693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T17:46:45.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.\u003c/p\u003e"
}
],
"value": "SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T20:34:08.739Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960"
},
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4\u003c/p\u003e"
}
],
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Improper Input Validation",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36960",
"datePublished": "2022-11-29T20:43:38.388Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-24T17:46:45.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38108 (GCVE-0-2022-38108)
Vulnerability from cvelistv5 – Published: 2022-10-20 20:11 – Updated: 2025-05-08 15:22
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:45:52.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38108",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:22:04.833139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T15:22:21.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://packetstorm.news/files/id/171567"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-28T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531"
},
{
"url": "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n\u2022\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n\u2022\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (\u00a9 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n\u2022\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n\u2022\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-38108",
"datePublished": "2022-10-20T20:11:25.181Z",
"dateReserved": "2022-08-09T00:00:00.000Z",
"dateUpdated": "2025-05-08T15:22:21.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36958 (GCVE-0-2022-36958)
Vulnerability from cvelistv5 – Published: 2022-10-20 20:10 – Updated: 2025-05-08 13:25
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36958",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T13:25:42.786016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T13:25:48.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-20T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36958",
"datePublished": "2022-10-20T20:10:01.367Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-08T13:25:48.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36957 (GCVE-0-2022-36957)
Vulnerability from cvelistv5 – Published: 2022-10-20 20:08 – Updated: 2025-05-05 20:01
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36957",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T20:01:13.076756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T20:01:34.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-20T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n\u2022\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n\u2022\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (\u00a9 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n\u2022\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n\u2022\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36957",
"datePublished": "2022-10-20T20:08:04.993Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-05T20:01:34.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36965 (GCVE-0-2022-36965)
Vulnerability from cvelistv5 – Published: 2022-09-30 16:45 – Updated: 2025-05-20 16:14
VLAI?
Title
Stored and DOM XSS in QoE Applications: Orion Platform
Summary
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
Severity ?
6.1 (Medium)
CWE
- Stored and DOM XSS in QoE Applications: Orion Platform
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.6 and previous versions , < 2022.3.0
(custom)
|
Credits
Shashank Chaurasia
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes%2Cissues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36965",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:14:53.697114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:14:58.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.3.0",
"status": "affected",
"version": "2020.2.6 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Shashank Chaurasia"
}
],
"datePublic": "2022-09-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eInsufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).\u003c/p\u003e"
}
],
"value": "Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored and DOM XSS in QoE Applications: Orion Platform",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T16:55:34.626Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes%2Cissues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
],
"source": {
"defect": [
"CVE-2022-36965"
],
"discovery": "UNKNOWN"
},
"title": "Stored and DOM XSS in QoE Applications: Orion Platform",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "SolarWinds",
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2022-09-28T10:25:00.000Z",
"ID": "CVE-2022-36965",
"STATE": "PUBLIC",
"TITLE": "Stored and DOM XSS in QoE Applications: Orion Platform"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "2020.2.6 and previous versions",
"version_value": "2022.3.0"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Shashank Chaurasia"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored and DOM XSS in QoE Applications: Orion Platform"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965",
"refsource": "CONFIRM",
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform",
"refsource": "CONFIRM",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
]
},
"source": {
"defect": [
"CVE-2022-36965"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36965",
"datePublished": "2022-09-30T16:45:24.996Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:14:58.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36961 (GCVE-0-2022-36961)
Vulnerability from cvelistv5 – Published: 2022-09-30 16:06 – Updated: 2025-05-20 16:01
VLAI?
Title
Orion Platform SQL Injection Privilege Escalation Vulnerability
Summary
A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
Severity ?
8.8 (High)
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2022.2.3 and previous versions , < 2022.2.3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36961",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:01:28.039621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:01:34.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.2.3",
"status": "affected",
"version": "2022.2.3 and previous versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-09-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.\u003c/p\u003e"
}
],
"value": "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T16:46:36.401Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)\u003c/p\u003e"
}
],
"value": "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)"
}
],
"source": {
"defect": [
"CVE-2022-36961"
],
"discovery": "UNKNOWN"
},
"title": "Orion Platform SQL Injection Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2022-09-28T14:35:00.000Z",
"ID": "CVE-2022-36961",
"STATE": "PUBLIC",
"TITLE": "Orion Platform SQL Injection Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2022.2.3 and previous versions",
"version_value": "2022.2.3"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961",
"refsource": "CONFIRM",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm",
"refsource": "CONFIRM",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
]
},
"solution": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)"
}
],
"source": {
"defect": [
"CVE-2022-36961"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36961",
"datePublished": "2022-09-30T16:06:10.288Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:01:34.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35244 (GCVE-0-2021-35244)
Vulnerability from cvelistv5 – Published: 2021-12-20 20:08 – Updated: 2024-09-16 22:10
VLAI?
Title
Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6
Summary
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
Severity ?
6.8 (Medium)
CWE
- https://cwe.mitre.org/data/definitions/1031.html
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.6 HF 2 and previous versions , < 2020.2.6 HF 3
(custom)
|
Credits
dibs working with Trend Micro's Zero Day Initiative.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:51.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2020.2.6 HF 3",
"status": "affected",
"version": "2020.2.6 HF 2 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "dibs working with Trend Micro\u0027s Zero Day Initiative."
}
],
"datePublic": "2021-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "https://cwe.mitre.org/data/definitions/1031.html",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T18:06:19",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends\u202fcustomers upgrade to the latest version once it becomes generally available."
}
],
"source": {
"defect": [
"CVE-2021-35244"
],
"discovery": "UNKNOWN"
},
"title": "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6",
"workarounds": [
{
"lang": "en",
"value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2021-12-20T10:51:00.000Z",
"ID": "CVE-2021-35244",
"STATE": "PUBLIC",
"TITLE": "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "2020.2.6 HF 2 and previous versions",
"version_value": "2020.2.6 HF 3"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "dibs working with Trend Micro\u0027s Zero Day Initiative."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "https://cwe.mitre.org/data/definitions/1031.html"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242",
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"name": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"name": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US",
"refsource": "MISC",
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
]
},
"solution": [
{
"lang": "en",
"value": "SolarWinds recommends\u202fcustomers upgrade to the latest version once it becomes generally available."
}
],
"source": {
"defect": [
"CVE-2021-35244"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2021-35244",
"datePublished": "2021-12-20T20:08:24.786551Z",
"dateReserved": "2021-06-22T00:00:00",
"dateUpdated": "2024-09-16T22:10:26.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35217 (GCVE-0-2021-35217)
Vulnerability from cvelistv5 – Published: 2021-09-08 13:15 – Updated: 2024-09-16 20:58
VLAI?
Title
Insecure Deserialization of untrusted data causing Remote code execution vulnerability.
Summary
Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
Severity ?
8.9 (High)
CWE
- Insecure Deserialization of untrusted data causing Remote code execution vulnerability.
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.5 and previous versions , < 2020.2.6
(custom)
|
Credits
Jangggggg working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:51.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2020.2.6",
"status": "affected",
"version": "2020.2.5 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jangggggg working with Trend Micro Zero Day Initiative"
}
],
"datePublic": "2021-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T11:06:23",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends upgrading to both the latest version of Patch Manager and Orion Integration Module as soon as it becomes available."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2021-09-02T13:14:00.000Z",
"ID": "CVE-2021-35217",
"STATE": "PUBLIC",
"TITLE": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2020.2.5 and previous versions",
"version_value": "2020.2.6"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jangggggg working with Trend Micro Zero Day Initiative"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217",
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
]
},
"solution": [
{
"lang": "en",
"value": "SolarWinds recommends upgrading to both the latest version of Patch Manager and Orion Integration Module as soon as it becomes available."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2021-35217",
"datePublished": "2021-09-08T13:15:03.615945Z",
"dateReserved": "2021-06-22T00:00:00",
"dateUpdated": "2024-09-16T20:58:13.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36964 (GCVE-0-2022-36964)
Vulnerability from nvd – Published: 2022-11-29 20:47 – Updated: 2025-04-25 14:41
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , ≤ 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36964",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T14:41:05.258353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T14:41:14.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-29T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36964"
}
],
"solutions": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36964",
"datePublished": "2022-11-29T20:47:49.978Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-25T14:41:14.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36962 (GCVE-0-2022-36962)
Vulnerability from nvd – Published: 2022-11-29 20:46 – Updated: 2025-04-25 14:42
VLAI?
Title
SolarWinds Platform Command Injection
Summary
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , ≤ 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36962",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T14:41:52.205145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T14:42:00.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-29T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36962"
}
],
"solutions": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Command Injection",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36962",
"datePublished": "2022-11-29T20:46:18.482Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-25T14:42:00.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36960 (GCVE-0-2022-36960)
Vulnerability from nvd – Published: 2022-11-29 20:43 – Updated: 2025-04-24 17:46
VLAI?
Title
SolarWinds Platform Improper Input Validation
Summary
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
Severity ?
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
2022.3 and prior versions , < 2022.3
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960"
},
{
"tags": [
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T17:46:32.884693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T17:46:45.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.3",
"status": "affected",
"version": "2022.3 and prior versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5",
"status": "affected",
"version": "2020.2.6 HF5 and prior versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-11-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.\u003c/p\u003e"
}
],
"value": "SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T20:34:08.739Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36960"
},
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4\u003c/p\u003e"
}
],
"value": "All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2022.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SolarWinds Platform Improper Input Validation",
"x_generator": {
"engine": "vulnogram 0.1.0-rc1"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36960",
"datePublished": "2022-11-29T20:43:38.388Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-04-24T17:46:45.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38108 (GCVE-0-2022-38108)
Vulnerability from nvd – Published: 2022-10-20 20:11 – Updated: 2025-05-08 15:22
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:45:52.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38108",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:22:04.833139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T15:22:21.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://packetstorm.news/files/id/171567"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-28T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38108"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17531"
},
{
"url": "http://packetstormsecurity.com/files/171567/SolarWinds-Information-Service-SWIS-Remote-Command-Execution.html"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n\u2022\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n\u2022\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (\u00a9 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n\u2022\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n\u2022\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-38108",
"datePublished": "2022-10-20T20:11:25.181Z",
"dateReserved": "2022-08-09T00:00:00.000Z",
"dateUpdated": "2025-05-08T15:22:21.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36958 (GCVE-0-2022-36958)
Vulnerability from nvd – Published: 2022-10-20 20:10 – Updated: 2025-05-08 13:25
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36958",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T13:25:42.786016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T13:25:48.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-20T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36958"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17567"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36958",
"datePublished": "2022-10-20T20:10:01.367Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-08T13:25:48.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36957 (GCVE-0-2022-36957)
Vulnerability from nvd – Published: 2022-10-20 20:08 – Updated: 2025-05-05 20:01
VLAI?
Title
SolarWinds Platform Deserialization of Untrusted Data
Summary
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SolarWinds | SolarWinds Platform |
Affected:
unspecified , ≤ 2022.3 and prior versions
(custom)
|
|||||||
|
|||||||||
Credits
SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36957",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T20:01:13.076756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T20:01:34.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SolarWinds Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2022.3 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2020.2.6 HF5 and prior versions",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "SolarWinds would like to thank Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner."
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-20T00:00:00.000Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36957"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17530"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Platform Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"value": "SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as it becomes available. The expected RC release is at the end of October. SolarWinds also recommends that customers follow the guidance provided in the SolarWinds Secure Configuration Guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm). Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from documentation: \n\u2022\tBe careful not to expose your SolarWinds Platform website on the public Internet. If you must enable outbound Internet access from SolarWinds Servers, create a strict allow list and block all other traffic. See SolarWinds Platform Product Features Affected by Internet Access (https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-Product-Features-Affected-by-Internet-Access). \n\u2022\tDisable unnecessary ports, protocols, and services on your host operating system and on applications, like SQL Server. For more details, see the SolarWinds Port Requirements guide (https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-solarwinds-port-requirements.htm) and Best practices for configuring Windows Defender Firewall (\u00a9 2021 Microsoft, available at https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-configuring, obtained on January 13, 2021.) \n\u2022\tApply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances. \n\u2022\tConfigure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). You can check these by querying the OrionServers table in the SolarWinds Platform database. Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example when you add new servers."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36957",
"datePublished": "2022-10-20T20:08:04.993Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-05T20:01:34.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36965 (GCVE-0-2022-36965)
Vulnerability from nvd – Published: 2022-09-30 16:45 – Updated: 2025-05-20 16:14
VLAI?
Title
Stored and DOM XSS in QoE Applications: Orion Platform
Summary
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
Severity ?
6.1 (Medium)
CWE
- Stored and DOM XSS in QoE Applications: Orion Platform
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.6 and previous versions , < 2022.3.0
(custom)
|
Credits
Shashank Chaurasia
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes%2Cissues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36965",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:14:53.697114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:14:58.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.3.0",
"status": "affected",
"version": "2020.2.6 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Shashank Chaurasia"
}
],
"datePublic": "2022-09-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eInsufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).\u003c/p\u003e"
}
],
"value": "Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored and DOM XSS in QoE Applications: Orion Platform",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T16:55:34.626Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes%2Cissues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
],
"source": {
"defect": [
"CVE-2022-36965"
],
"discovery": "UNKNOWN"
},
"title": "Stored and DOM XSS in QoE Applications: Orion Platform",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "SolarWinds",
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2022-09-28T10:25:00.000Z",
"ID": "CVE-2022-36965",
"STATE": "PUBLIC",
"TITLE": "Stored and DOM XSS in QoE Applications: Orion Platform"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "2020.2.6 and previous versions",
"version_value": "2022.3.0"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Shashank Chaurasia"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored and DOM XSS in QoE Applications: Orion Platform"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965",
"refsource": "CONFIRM",
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform",
"refsource": "CONFIRM",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform"
}
]
},
"source": {
"defect": [
"CVE-2022-36965"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36965",
"datePublished": "2022-09-30T16:45:24.996Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:14:58.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36961 (GCVE-0-2022-36961)
Vulnerability from nvd – Published: 2022-09-30 16:06 – Updated: 2025-05-20 16:01
VLAI?
Title
Orion Platform SQL Injection Privilege Escalation Vulnerability
Summary
A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
Severity ?
8.8 (High)
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2022.2.3 and previous versions , < 2022.2.3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36961",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:01:28.039621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:01:34.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2022.2.3",
"status": "affected",
"version": "2022.2.3 and previous versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-09-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.\u003c/p\u003e"
}
],
"value": "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T16:46:36.401Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)\u003c/p\u003e"
}
],
"value": "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)"
}
],
"source": {
"defect": [
"CVE-2022-36961"
],
"discovery": "UNKNOWN"
},
"title": "Orion Platform SQL Injection Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2022-09-28T14:35:00.000Z",
"ID": "CVE-2022-36961",
"STATE": "PUBLIC",
"TITLE": "Orion Platform SQL Injection Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2022.2.3 and previous versions",
"version_value": "2022.2.3"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961",
"refsource": "CONFIRM",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm",
"refsource": "CONFIRM",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
}
]
},
"solution": [
{
"lang": "en",
"value": "All SolarWinds Platform customers are advised to upgrade to the latest generally available service update. (SolarWinds Platform)"
}
],
"source": {
"defect": [
"CVE-2022-36961"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2022-36961",
"datePublished": "2022-09-30T16:06:10.288Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:01:34.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35244 (GCVE-0-2021-35244)
Vulnerability from nvd – Published: 2021-12-20 20:08 – Updated: 2024-09-16 22:10
VLAI?
Title
Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6
Summary
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
Severity ?
6.8 (Medium)
CWE
- https://cwe.mitre.org/data/definitions/1031.html
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.6 HF 2 and previous versions , < 2020.2.6 HF 3
(custom)
|
Credits
dibs working with Trend Micro's Zero Day Initiative.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:51.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2020.2.6 HF 3",
"status": "affected",
"version": "2020.2.6 HF 2 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "dibs working with Trend Micro\u0027s Zero Day Initiative."
}
],
"datePublic": "2021-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "https://cwe.mitre.org/data/definitions/1031.html",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T18:06:19",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends\u202fcustomers upgrade to the latest version once it becomes generally available."
}
],
"source": {
"defect": [
"CVE-2021-35244"
],
"discovery": "UNKNOWN"
},
"title": "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6",
"workarounds": [
{
"lang": "en",
"value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2021-12-20T10:51:00.000Z",
"ID": "CVE-2021-35244",
"STATE": "PUBLIC",
"TITLE": "Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "2020.2.6 HF 2 and previous versions",
"version_value": "2020.2.6 HF 3"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "dibs working with Trend Micro\u0027s Zero Day Initiative."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"Log alert to a file\" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "https://cwe.mitre.org/data/definitions/1031.html"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242",
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242"
},
{
"name": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"
},
{
"name": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US",
"refsource": "MISC",
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-375/"
}
]
},
"solution": [
{
"lang": "en",
"value": "SolarWinds recommends\u202fcustomers upgrade to the latest version once it becomes generally available."
}
],
"source": {
"defect": [
"CVE-2021-35244"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-File-Upload-Causing-Remote-Code-Execution-Vulnerability-CVE-2021-35244"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2021-35244",
"datePublished": "2021-12-20T20:08:24.786551Z",
"dateReserved": "2021-06-22T00:00:00",
"dateUpdated": "2024-09-16T22:10:26.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35217 (GCVE-0-2021-35217)
Vulnerability from nvd – Published: 2021-09-08 13:15 – Updated: 2024-09-16 20:58
VLAI?
Title
Insecure Deserialization of untrusted data causing Remote code execution vulnerability.
Summary
Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
Severity ?
8.9 (High)
CWE
- Insecure Deserialization of untrusted data causing Remote code execution vulnerability.
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SolarWinds | Orion Platform |
Affected:
2020.2.5 and previous versions , < 2020.2.6
(custom)
|
Credits
Jangggggg working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:51.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Orion Platform",
"vendor": "SolarWinds",
"versions": [
{
"lessThan": "2020.2.6",
"status": "affected",
"version": "2020.2.5 and previous versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jangggggg working with Trend Micro Zero Day Initiative"
}
],
"datePublic": "2021-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T11:06:23",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
],
"solutions": [
{
"lang": "en",
"value": "SolarWinds recommends upgrading to both the latest version of Patch Manager and Orion Integration Module as soon as it becomes available."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2021-09-02T13:14:00.000Z",
"ID": "CVE-2021-35217",
"STATE": "PUBLIC",
"TITLE": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Orion Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2020.2.5 and previous versions",
"version_value": "2020.2.6"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jangggggg working with Trend Micro Zero Day Initiative"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
},
{
"name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
"refsource": "MISC",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
},
{
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217",
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
}
]
},
"solution": [
{
"lang": "en",
"value": "SolarWinds recommends upgrading to both the latest version of Patch Manager and Orion Integration Module as soon as it becomes available."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2021-35217",
"datePublished": "2021-09-08T13:15:03.615945Z",
"dateReserved": "2021-06-22T00:00:00",
"dateUpdated": "2024-09-16T20:58:13.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}