Описание
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-35215
- https://documentation.solarwinds.co/enm/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35215
- https://www.zerodayinitiative.com/advisories/ZDI-21-1245
Связанные уязвимости
CVSS3: 8.9
nvd
больше 4 лет назад
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.
CVSS3: 8.9
fstec
больше 4 лет назад
Уязвимость компонента ActionPluginBaseView программного обеспечения сетевого мониторинга SolarWinds Orion Platform, позволяющая нарушителю выполнить произвольный код