cvelistv5 - cve-2021-35217

CVE-2021-35217 (GCVE-0-2021-35217)

Vulnerability from cvelistv5 – Published: 2021-09-08 13:15 – Updated: 2024-09-16 20:58

Summary

Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.

Severity ?

8.9 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

CWE

Insecure Deserialization of untrusted data causing Remote code execution vulnerability.

Assigner

SolarWinds

References

URL

Tags

	https://documentation.solarwinds.com/en/success_c…	x_refsource_MISC
	https://documentation.solarwinds.com/en/success_c…	x_refsource_MISC
	https://www.solarwinds.com/trust-center/security-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	SolarWinds	Orion Platform	Affected: 2020.2.5 and previous versions , < 2020.2.6 (custom)

Credits

Jangggggg working with Trend Micro Zero Day Initiative

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:51.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Orion Platform",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThan": "2020.2.6",
              "status": "affected",
              "version": "2020.2.5 and previous versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jangggggg working with Trend Micro Zero Day Initiative"
        }
      ],
      "datePublic": "2021-09-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T11:06:23",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "SolarWinds  recommends  upgrading  to  both  the  latest  version  of Patch Manager and Orion Integration Module as soon as it becomes available."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability.",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "DATE_PUBLIC": "2021-09-02T13:14:00.000Z",
          "ID": "CVE-2021-35217",
          "STATE": "PUBLIC",
          "TITLE": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Orion Platform",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "2020.2.5 and previous versions",
                            "version_value": "2020.2.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SolarWinds"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jangggggg working with Trend Micro Zero Day Initiative"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
              "refsource": "MISC",
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
            },
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
              "refsource": "MISC",
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
            },
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217",
              "refsource": "MISC",
              "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "SolarWinds  recommends  upgrading  to  both  the  latest  version  of Patch Manager and Orion Integration Module as soon as it becomes available."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2021-35217",
    "datePublished": "2021-09-08T13:15:03.615945Z",
    "dateReserved": "2021-06-22T00:00:00",
    "dateUpdated": "2024-09-16T20:58:13.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:patch_manager:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2020.2.5\", \"matchCriteriaId\": \"C22D4A7B-2EC9-4BCE-A862-F58DF5994A0C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remota en una Deserializaci\\u00f3n de datos no confiables en el m\\u00f3dulo de integraci\\u00f3n de la plataforma Orion de Patch Manager y nos fue reportada por ZDI. Un atacante autenticado podr\\u00eda explotarla al ejecutar la deserializaci\\u00f3n de datos no confiables de WSAsyncExecuteTasks\"}]",
      "id": "CVE-2021-35217",
      "lastModified": "2024-11-21T06:12:04.887",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@solarwinds.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"baseScore\": 8.9, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-09-08T14:15:12.117",
      "references": "[{\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-1247/\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-1247/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "psirt@solarwinds.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-35217\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2021-09-08T14:15:12.117\",\"lastModified\":\"2024-11-21T06:12:04.887\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en una Deserializaci\u00f3n de datos no confiables en el m\u00f3dulo de integraci\u00f3n de la plataforma Orion de Patch Manager y nos fue reportada por ZDI. Un atacante autenticado podr\u00eda explotarla al ejecutar la deserializaci\u00f3n de datos no confiables de WSAsyncExecuteTasks\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":8.9,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:patch_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2020.2.5\",\"matchCriteriaId\":\"C22D4A7B-2EC9-4BCE-A862-F58DF5994A0C\"}]}]}],\"references\":[{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1247/\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1247/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

GHSA-MR2H-FCF6-JVX9

Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-05-24 19:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-35217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-08T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.",
  "id": "GHSA-mr2h-fcf6-jvx9",
  "modified": "2022-05-24T19:13:40Z",
  "published": "2022-05-24T19:13:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35217"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "type": "WEB",
      "url": "https://support.solarwinds.com/SuccessCenter/s/article/Patch-Manager-2020-2-6-Hotfix-1-Release-Notes?language=en_US"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2021-AVI-651

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SolarWinds	Orion Platform	Orion Platform versions 2019.4 antérieures à 2019.4.2
SolarWinds	N/A	Dameware versions 12.0.1.2008 antérieures à 12.2
SolarWinds	N/A	Patch Manager versions 2020.2.5 antérieures à 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.5 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2019.2 antérieures à 2019.2 HF4
SolarWinds	Orion Platform	Orion Platform versions 2020.2.4 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.1 antérieures à 2020.2.5 HF1 ou 2020.2.6

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2021-35216 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35212 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35218 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35215 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-31217 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35213 du 23 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Orion Platform versions 2019.4 ant\u00e9rieures \u00e0 2019.4.2",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Dameware versions 12.0.1.2008 ant\u00e9rieures \u00e0 12.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Patch Manager versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2019.2 ant\u00e9rieures \u00e0 2019.2 HF4",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.4 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.1 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35213"
    },
    {
      "name": "CVE-2021-35212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35212"
    },
    {
      "name": "CVE-2021-35218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35218"
    },
    {
      "name": "CVE-2021-35217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35217"
    },
    {
      "name": "CVE-2021-35216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35216"
    },
    {
      "name": "CVE-2021-35215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35215"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-651",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35216 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35212 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35218 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35215 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-31217 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-31217"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35213 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213"
    }
  ]
}

CERTFR-2021-AVI-651

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SolarWinds	Orion Platform	Orion Platform versions 2019.4 antérieures à 2019.4.2
SolarWinds	N/A	Dameware versions 12.0.1.2008 antérieures à 12.2
SolarWinds	N/A	Patch Manager versions 2020.2.5 antérieures à 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.5 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2019.2 antérieures à 2019.2 HF4
SolarWinds	Orion Platform	Orion Platform versions 2020.2.4 antérieures à 2020.2.5 HF1 ou 2020.2.6
SolarWinds	Orion Platform	Orion Platform versions 2020.2.1 antérieures à 2020.2.5 HF1 ou 2020.2.6

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2021-35216 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35212 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35218 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35215 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-31217 du 23 août 2021	None	vendor-advisory
Bulletin de sécurité SolarWinds cve-2021-35213 du 23 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Orion Platform versions 2019.4 ant\u00e9rieures \u00e0 2019.4.2",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Dameware versions 12.0.1.2008 ant\u00e9rieures \u00e0 12.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Patch Manager versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.5 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2019.2 ant\u00e9rieures \u00e0 2019.2 HF4",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.4 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    },
    {
      "description": "Orion Platform versions 2020.2.1 ant\u00e9rieures \u00e0 2020.2.5 HF1 ou 2020.2.6",
      "product": {
        "name": "Orion Platform",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35213"
    },
    {
      "name": "CVE-2021-35212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35212"
    },
    {
      "name": "CVE-2021-35218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35218"
    },
    {
      "name": "CVE-2021-35217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35217"
    },
    {
      "name": "CVE-2021-35216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35216"
    },
    {
      "name": "CVE-2021-35215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35215"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-651",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35216 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35212 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35212"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35218 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35218"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35215 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-31217 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-31217"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2021-35213 du 23 ao\u00fbt 2021",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213"
    }
  ]
}

FKIE_CVE-2021-35217

Vulnerability from fkie_nvd - Published: 2021-09-08 14:15 - Updated: 2024-11-21 06:12

Severity ?

8.9 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@solarwinds.com	https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm	Vendor Advisory
psirt@solarwinds.com	https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm	Release Notes, Vendor Advisory
psirt@solarwinds.com	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217	Vendor Advisory
psirt@solarwinds.com	https://www.zerodayinitiative.com/advisories/ZDI-21-1247/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-1247/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	solarwinds	patch_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:solarwinds:patch_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C22D4A7B-2EC9-4BCE-A862-F58DF5994A0C",
              "versionEndIncluding": "2020.2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en una Deserializaci\u00f3n de datos no confiables en el m\u00f3dulo de integraci\u00f3n de la plataforma Orion de Patch Manager y nos fue reportada por ZDI. Un atacante autenticado podr\u00eda explotarla al ejecutar la deserializaci\u00f3n de datos no confiables de WSAsyncExecuteTasks"
    }
  ],
  "id": "CVE-2021-35217",
  "lastModified": "2024-11-21T06:12:04.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.9,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "psirt@solarwinds.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-08T14:15:12.117",
  "references": [
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
    }
  ],
  "sourceIdentifier": "psirt@solarwinds.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2021-35217

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-35217

Aliases

CVE-2021-35217

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-35217",
    "description": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.",
    "id": "GSD-2021-35217"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-35217"
      ],
      "details": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.",
      "id": "GSD-2021-35217",
      "modified": "2023-12-13T01:23:27.845053Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@solarwinds.com",
        "DATE_PUBLIC": "2021-09-02T13:14:00.000Z",
        "ID": "CVE-2021-35217",
        "STATE": "PUBLIC",
        "TITLE": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability. "
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Orion Platform ",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "2020.2.5 and previous versions",
                          "version_value": "2020.2.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SolarWinds"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Jangggggg working with Trend Micro Zero Day Initiative "
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.9,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
            "refsource": "MISC",
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
          },
          {
            "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
            "refsource": "MISC",
            "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
          },
          {
            "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217",
            "refsource": "MISC",
            "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "SolarWinds  recommends  upgrading  to  both  the  latest  version  of Patch Manager and Orion Integration Module as soon as it becomes available."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:solarwinds:patch_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2020.2.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "ID": "CVE-2021-35217"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-502"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm"
            },
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217"
            },
            {
              "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1247/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-11-03T20:22Z",
      "publishedDate": "2021-09-08T14:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-35217 (GCVE-0-2021-35217)

GHSA-MR2H-FCF6-JVX9

CERTFR-2021-AVI-651

Solution

CERTFR-2021-AVI-651

Solution

FKIE_CVE-2021-35217

GSD-2021-35217

Tags

Sightings

Nomenclature