Security News > 2021 > March > Another Critical RCE Flaw Discovered in SolarWinds Orion Platform
IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution.
Chief among them is a JSON deserialization flaw that allows an authenticated user to execute arbitrary code via the test alert actions feature available in the Orion Web Console, which lets users simulate network events that can be configured to trigger an alert during setup.
A second issue concerns a high-risk vulnerability that could be leveraged by an adversary to achieve RCE in the Orion Job Scheduler.
"In order to exploit this, an attacker first needs to know the credentials of an unprivileged local account on the Orion Server," SolarWinds said in its release notes.
Besides the aforementioned two flaws, the update squashes two other bugs, including a high-severity stored cross-site scripting vulnerability in the "Add custom tab" within customize view page and a reverse tabnabbing and open redirect vulnerability in the custom menu item options page, both of which require an Orion administrator account for successful exploitation.
Orion users are recommended to update to the latest release, "Orion Platform 2020.2.5," to mitigate the risk associated with the security issues.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/NGekw-vTDig/solarwinds-orion-vulnerability.html
Related news
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks (source)
- SolarWinds fixes 8 critical bugs in access rights audit software (source)
- SolarWinds Patches 8 Critical Flaws in Access Rights Manager Software (source)
- Progress warns of critical RCE bug in Telerik Report Server (source)
- Critical ServiceNow RCE flaws actively exploited to steal credentials (source)
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) (source)
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)