CVE-2014-9566

SolarWinds Orion Service - SQL Injection

  • Severity Score: 7.5 (CVSS v2)
  • Public Exploits: 5 (multiple sources)
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 11.5, NetFlow Traffic Analyzer (NTA) before 4.1, Network Configuration Manager (NCM) before 7.3.2, IP Address Manager (IPAM) before 4.3, User Device Tracker (UDT) before 3.2, VoIP & Network Quality Manager (VNQM) before 4.2, Server & Application Manager (SAM) before 6.2, Web Performance Monitor (WPM) before 2.2, and possibly other Solarwinds products, allow remote authenticated users to execute arbitrary SQL commands via the (1) dir or (2) sort parameter to the (a) GetAccounts or (b) GetAccountGroups endpoint.

Various remote SQL injection vulnerabilities exist in the core Orion service used in most of the Solarwinds products. Affected products include Network Performance Monitor below version 11.5, NetFlow Traffic Analyzer below version 4.1, Network Configuration Manager below version 7.3.2, IP Address Manager below version 4.3, User Device Tracker below version 3.2, VoIP

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2015-01-07 CVE Reserved
  • 2015-03-03 CVE Published
  • 2015-03-04 First Exploit
  • 2024-08-06 CVE Updated
  • 2024-10-20 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Solarwinds | Orion Ip Address Manager | <= 4.2 | - | Affected |
| Solarwinds | Orion Netflow Traffic Analyzer | <= 4.0 | - | Affected |
| Solarwinds | Orion Network Configuration Manager | <= 7.3.1 | - | Affected |
| Solarwinds | Orion Network Performance Monitor | <= 11.4 | - | Affected |
| Solarwinds | Orion Server And Application Manager | <= 6.1 | - | Affected |
| Solarwinds | Orion User Device Tracker | <= 3.1 | - | Affected |
| Solarwinds | Orion Voip & Network Quality Manager | <= 4.1 | - | Affected |
| Solarwinds | Orion Web Performance Monitor | <= 2.1 | - | Affected |