The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.
References
Link | Resource |
---|---|
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm | Vendor Advisory |
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US | Release Notes Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 | Not Applicable Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-375/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-12-20 13:15
Updated : 2022-03-17 10:54
NVD link : CVE-2021-35244
Mitre link : CVE-2021-35244
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
microsoft
- windows
solarwinds
- orion_platform