CVE-2021-25274
Summary
| CVE | CVE-2021-25274 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-02-03 17:15:00 UTC |
| Updated | 2021-02-08 14:56:00 UTC |
| Description | The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem. |
Risk And Classification
Problem Types: CWE-502
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Solarwinds | Orion Platform | All | All | All | All |
| Application | Solarwinds | Orion Platform | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities | Trustwave | MISC | www.trustwave.com | Exploit, Patch, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.