CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-35244 – Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6
https://notcve.org/view.php?id=CVE-2021-35244
20 Dec 2021 — The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution. La acción "Log alert to a file" dentro de la administración de acciones permite a cualquier usuario de Orion Platform con derechos de administración de alertas de Orion escribir en cualquier archivo. Un atacante con d... • https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-35248 – Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users
https://notcve.org/view.php?id=CVE-2021-35248
20 Dec 2021 — It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings. Se ha informado de que cualquier usuario de Orion, por ejemplo, las cuentas de invitados pueden consultar la entidad Orion.UserSettings y enumerar los usuarios y su configuración básica • https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.9EPSS: 10%CPEs: 1EXPL: 0CVE-2021-35218 – Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-35218
01 Sep 2021 — Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server Una deserialización de Datos no Confiables en el Endpoint de la Consola Web puede conllevar a una ejecución de código remota. Un atacante no autorizado que tenga acceso a la red de la Consola Web de Orion Patch Manager podría potencialmente explotar esto y comprome... • https://documentation.solarwinds.com/en/success_center/patchman/content/release_notes/patchman_2020-2-6_release_notes.htm • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.9EPSS: 4%CPEs: 1EXPL: 1CVE-2021-35215 – ActionPluginBaseView Deserialization of Untrusted Data RCE
https://notcve.org/view.php?id=CVE-2021-35215
01 Sep 2021 — Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability. Se ha detectado una deserialización insegura conllevando a una ejecución de código remota en Orion Platform versión 2020.2.5. Es requerida una autenticación para explotar esta vulnerabilidad This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required ... • https://github.com/Y4er/CVE-2021-35215 • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-35238 – Stored XSS through URL POST parameter in CreateExternalWebsite Vulnerability
https://notcve.org/view.php?id=CVE-2021-35238
01 Sep 2021 — User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website. Un usuario con derechos de Administrador de la Plataforma Orion podría almacenar una vulnerabilidad de tipo XSS mediante el parámetro URL POST en el sitio web CreateExternalWebsite • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 1%CPEs: 5EXPL: 0CVE-2021-35212 – Blind SQL injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-35212
31 Aug 2021 — An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user. Se ha detectado una Vulnerabilidad de Escalada de Privilegios por inyección SQL en la plataforma Orion, reportada por el Equipo de ZDI. Una inyección SQL booleana ciega que podría conllevar a una lectura y escritura completa sobre el conte... • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-35213 – Orion User setting Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-35213
31 Aug 2021 — An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability. Se ha detectado una vulnerabilidad de Escalada de Privilegios por Control de Acceso Inapropiado en la configuración de usuario de Orion Platform versión 2020.2.5. Permite a un usuario invitado elevar privilegios a Administrador us... • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-35240 – Stored XSS via Help Server settings
https://notcve.org/view.php?id=CVE-2021-35240
31 Aug 2021 — A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'. Un investigador de seguridad almacenó un ataque de tipo XSS por medio de una configuración del Servidor de Ayuda. Esto afecta a clientes usando Internet Explorer, porque no soportan "rel=noopener" • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-35239 – Stored XSS in Maps text box hyperlink Vulnerability
https://notcve.org/view.php?id=CVE-2021-35239
31 Aug 2021 — A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink. Un investigador de seguridad ha detectado que un usuario con derechos de administración de mapas de Orion podía almacenar una vulnerabilidad de tipo XSS mediante un hipervínculo de cuadro de texto • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2021-35222 – Resource.aspx Reflected Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2021-35222
31 Aug 2021 — This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page. Esta vulnerabilidad permite a atacantes hacerse pasar por usuarios y llevar a cabo acciones arbitrarias que conllevan a una Ejecución de Código Remota (RCE) desde la página Alerts Settings • https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •