The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
References
Link | Resource |
---|---|
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm | Vendor Advisory |
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US | Release Notes Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 | Not Applicable Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-375/ | Third Party Advisory VDB Entry |
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm | Vendor Advisory |
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US | Release Notes Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 | Not Applicable Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-375/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:12
Type | Values Removed | Values Added |
---|---|---|
References | () https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm - Vendor Advisory | |
References | () https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US - Release Notes, Vendor Advisory | |
References | () https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 - Not Applicable, Vendor Advisory | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-22-375/ - Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 8.5
v3 : 6.8 |
Information
Published : 2021-12-20 21:15
Updated : 2024-11-21 06:12
NVD link : CVE-2021-35244
Mitre link : CVE-2021-35244
CVE.ORG link : CVE-2021-35244
JSON object : View
Products Affected
solarwinds
- orion_platform
microsoft
- windows
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type