Vulnerability-Lookup

CVE-2021-35215 (GCVE-0-2021-35215)

Vulnerability from cvelistv5 – Published: 2021-09-01 14:21 – Updated: 2024-09-16 19:52

Title

ActionPluginBaseView Deserialization of Untrusted Data RCE

Summary

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.

Severity ?

8.9 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

SolarWinds

References

URL

Tags

	https://documentation.solarwinds.com/en/success_c…	x_refsource_MISC
	https://www.solarwinds.com/trust-center/security-…	x_refsource_MISC
	https://documentation.solarwinds.co/enm/success_c…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	SolarWinds	Orion Platform	Affected: 2020.2.5 and previous versions , < 2020.2.6 (custom)

Credits

Jangggggg working with Trend Micro Zero Day Initiative

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:51.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Windows"
          ],
          "product": "Orion Platform",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThan": "2020.2.6",
              "status": "affected",
              "version": "2020.2.5 and previous versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jangggggg working with Trend Micro Zero Day Initiative"
        }
      ],
      "datePublic": "2021-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T11:06:20",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Customers are advised to update to Orion Platform 2020.2.6 once it becomes available,"
        }
      ],
      "source": {
        "defect": [
          "CVE-2021-35215"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "ActionPluginBaseView Deserialization of Untrusted Data RCE",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "DATE_PUBLIC": "2021-07-15T16:08:00.000Z",
          "ID": "CVE-2021-35215",
          "STATE": "PUBLIC",
          "TITLE": "ActionPluginBaseView Deserialization of Untrusted Data RCE"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Orion Platform",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Windows",
                            "version_affected": "\u003c",
                            "version_name": "2020.2.5 and previous versions",
                            "version_value": "2020.2.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SolarWinds"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jangggggg working with Trend Micro Zero Day Initiative"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-502 Deserialization of Untrusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
              "refsource": "MISC",
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
            },
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215",
              "refsource": "MISC",
              "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
            },
            {
              "name": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
              "refsource": "MISC",
              "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Customers are advised to update to Orion Platform 2020.2.6 once it becomes available,"
          }
        ],
        "source": {
          "defect": [
            "CVE-2021-35215"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2021-35215",
    "datePublished": "2021-09-01T14:21:46.258591Z",
    "dateReserved": "2021-06-22T00:00:00",
    "dateUpdated": "2024-09-16T19:52:15.792Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2020.2.5\", \"matchCriteriaId\": \"70E2B14D-F48F-4CA2-8995-17F1FC30E091\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado una deserializaci\\u00f3n insegura conllevando a una ejecuci\\u00f3n de c\\u00f3digo remota en Orion Platform versi\\u00f3n 2020.2.5. Es requerida una autenticaci\\u00f3n para explotar esta vulnerabilidad\"}]",
      "id": "CVE-2021-35215",
      "lastModified": "2024-11-21T06:12:04.613",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@solarwinds.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"baseScore\": 8.9, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-09-01T15:15:08.797",
      "references": "[{\"url\": \"https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Product\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-1245/\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-1245/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "psirt@solarwinds.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@solarwinds.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-35215\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2021-09-01T15:15:08.797\",\"lastModified\":\"2024-11-21T06:12:04.613\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado una deserializaci\u00f3n insegura conllevando a una ejecuci\u00f3n de c\u00f3digo remota en Orion Platform versi\u00f3n 2020.2.5. Es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":8.9,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2020.2.5\",\"matchCriteriaId\":\"70E2B14D-F48F-4CA2-8995-17F1FC30E091\"}]}]}],\"references\":[{\"url\":\"https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Product\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1245/\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1245/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CERTFR-2021-AVI-651

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SolarWinds	Orion Platform	Orion Platform versions 2019.4 antérieures à 2019.4.2
SolarWinds	N/A	Dameware versions 12.0.1.2008 antérieures à 12.2
SolarWinds	N/A	Patch Manager versions 2020.2.5 antérieures à 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.5 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2019.2 antérieures à 2019.2 HF4
SolarWinds	Orion Platform	Orion Platform versions 2020.2.4 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.1 antérieures à 2020.2.5 HF1 ou 2020.2.6

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2021-35216 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35212 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35218 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35215 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-31217 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35213 du 23 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Orion Platform versions 2019.4 ant\u00e9rieures \u00e0 2019.4.2",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Dameware versions 12.0.1.2008 ant\u00e9rieures \u00e0 12.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Patch Manager versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2019.2 ant\u00e9rieures \u00e0 2019.2 HF4",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.4 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.1 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35213"
    },
    {
      "name": "CVE-2021-35212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35212"
    },
    {
      "name": "CVE-2021-35218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35218"
    },
    {
      "name": "CVE-2021-35217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35217"
    },
    {
      "name": "CVE-2021-35216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35216"
    },
    {
      "name": "CVE-2021-35215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35215"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-651",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35216 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35212 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35218 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35215 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-31217 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-31217"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35213 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213"
    }
  ]
}

CERTFR-2021-AVI-651

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SolarWinds	Orion Platform	Orion Platform versions 2019.4 antérieures à 2019.4.2
SolarWinds	N/A	Dameware versions 12.0.1.2008 antérieures à 12.2
SolarWinds	N/A	Patch Manager versions 2020.2.5 antérieures à 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.5 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2019.2 antérieures à 2019.2 HF4
SolarWinds	Orion Platform	Orion Platform versions 2020.2.4 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.1 antérieures à 2020.2.5 HF1 ou 2020.2.6

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2021-35216 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35212 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35218 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35215 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-31217 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35213 du 23 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Orion Platform versions 2019.4 ant\u00e9rieures \u00e0 2019.4.2",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Dameware versions 12.0.1.2008 ant\u00e9rieures \u00e0 12.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Patch Manager versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2019.2 ant\u00e9rieures \u00e0 2019.2 HF4",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.4 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.1 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35213"
    },
    {
      "name": "CVE-2021-35212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35212"
    },
    {
      "name": "CVE-2021-35218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35218"
    },
    {
      "name": "CVE-2021-35217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35217"
    },
    {
      "name": "CVE-2021-35216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35216"
    },
    {
      "name": "CVE-2021-35215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35215"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-651",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35216 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35212 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35218 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35215 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-31217 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-31217"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35213 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213"
    }
  ]
}

GSD-2021-35215

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.

Aliases

CVE-2021-35215

Aliases

CVE-2021-35215

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-35215",
    "description": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.",
    "id": "GSD-2021-35215"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-35215"
      ],
      "details": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.",
      "id": "GSD-2021-35215",
      "modified": "2023-12-13T01:23:28.237048Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@solarwinds.com",
        "DATE_PUBLIC": "2021-07-15T16:08:00.000Z",
        "ID": "CVE-2021-35215",
        "STATE": "PUBLIC",
        "TITLE": "ActionPluginBaseView Deserialization of Untrusted Data RCE"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Orion Platform ",
                    "version": {
                      "version_data": [
                        {
                          "platform": "Windows",
                          "version_affected": "\u003c",
                          "version_name": "2020.2.5 and previous versions ",
                          "version_value": "2020.2.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SolarWinds"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Jangggggg working with Trend Micro Zero Day Initiative"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.9,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-502 Deserialization of Untrusted Data"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
            "refsource": "MISC",
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
          },
          {
            "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215",
            "refsource": "MISC",
            "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
          },
          {
            "name": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
            "refsource": "MISC",
            "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "Customers are advised to update to Orion Platform 2020.2.6 once it becomes available, "
        }
      ],
      "source": {
        "defect": [
          "CVE-2021-35215"
        ],
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2020.2.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "ID": "CVE-2021-35215"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-502"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
              "refsource": "MISC",
              "tags": [
                "Product",
                "Vendor Advisory"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
            },
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
            },
            {
              "name": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-11-03T20:23Z",
      "publishedDate": "2021-09-01T15:15Z"
    }
  }
}

GHSA-QGVW-V9XQ-RJP9

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-05-24 19:12

Details

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-35215"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-01T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.",
  "id": "GHSA-qgvw-v9xq-rjp9",
  "modified": "2022-05-24T19:12:48Z",
  "published": "2022-05-24T19:12:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35215"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2021-35215

Vulnerability from fkie_nvd - Published: 2021-09-01 15:15 - Updated: 2024-11-21 06:12

Severity ?

8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.

References

URL	Tags
psirt@solarwinds.com	https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm	Broken Link
psirt@solarwinds.com	https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm	Product, Vendor Advisory
psirt@solarwinds.com	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215	Patch, Vendor Advisory
psirt@solarwinds.com	https://www.zerodayinitiative.com/advisories/ZDI-21-1245/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm	Product, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-1245/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	solarwinds	orion_platform	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E2B14D-F48F-4CA2-8995-17F1FC30E091",
              "versionEndIncluding": "2020.2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una deserializaci\u00f3n insegura conllevando a una ejecuci\u00f3n de c\u00f3digo remota en Orion Platform versi\u00f3n 2020.2.5. Es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2021-35215",
  "lastModified": "2024-11-21T06:12:04.613",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.9,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "psirt@solarwinds.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-01T15:15:08.797",
  "references": [
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1245/"
    }
  ],
  "sourceIdentifier": "psirt@solarwinds.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "psirt@solarwinds.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-35215 (GCVE-0-2021-35215)

CERTFR-2021-AVI-651

Solution

CERTFR-2021-AVI-651

Solution

GSD-2021-35215

GHSA-QGVW-V9XQ-RJP9

FKIE_CVE-2021-35215

Tags

Sightings

Nomenclature