Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix CVE-2021-35244- A Remote Code Execution Vulnerability In SolarWinds Orion Platform
February 20, 2022
|
4m

How To Fix CVE-2021-35244- A Remote Code Execution Vulnerability In SolarWinds Orion Platform


How To Fix Cve 2021 35244 A Remote Code Execution Vulnerability In Solarwinds Orion Platform

Recently, SolarWinds has responded to a remote code execution vulnerability found in the SolarWinds Orion Platform. It’s a pre-authenticated vulnerability with a CVSS score of 8.8 out of 10, which is high. There is a need to fix it. This post will see how to fix CVE-2021-35244- A Remote Code Execution vulnerability in the SolarWinds Orion Platform. 

Solarwinds Orion Platform:

The SolarWinds Orion Platform is a robust, scalable infrastructure monitoring and management platform designed to simplify the IT administration for hybrid, software as a service (SaaS), and hybrid environments in one place. With the SolarWinds Orion Platform, there is no need to struggle with various incompatible point monitoring products. It consolidates the entire suite of monitoring capabilities into single platforms with cross-stack integrated functionality. 

Summary Of The CVE-2021-35244:

The flaw exists because applications do not follow security restrictions properly. A remote user with Orion alert management privileges can leverage this vulnerability for performing an unrestricted file upload that causes a remote code execution

SolarWind Says, “The ‘Log alert to a file’ action inside the action management enables Orion Platform users with Orion alert management rights to write to a file. An attacker with Orion alert management privileges could use this vulnerability to perform an unrestricted file upload that can cause remote code execution.”

Associated CVE IDCVE-2021-35244
DescriptionA Remote Code Execution Vulnerability in SolarWinds Orion Platform
Associated ZDI IDZDI-CAN-13664
CVSS Score8.8 High
VectorCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)Low
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Version Affected By CVE-2021-35244- A Remote Code Execution

The Orion Platform from v2020.2.6 to v2020.2.6 HF2 are affected by the CVE-2021-35244 vulnerability.

Known Affected Software Configurations are:

  1. cpe:2.3:a:solarwinds:orion_platform

  2. cpe:2.3:a:solarwinds:orion_platform:2020.2.6

  3. cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1

  4. cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2

How To Fix CVE-2021-35244- A remote Code Execution Vulnerability?

The vulnerability is known to affect confidentiality, integrity, and availability. We recommend to install the hotfix released by SolarWinds to fix the CVE-2021-35244 vulnerability. Follow the steps to install the hotfix.

How to Install the HotFix on the SolarWinds Orion Platform?

It is possible to install HotFix in both online and offline environments. You should have an admin login of the SolarWinds Orion server and SolarWinds customer portal.

Step 1. Log in to the server hosting SolarWinds Orion

Use an administrator account for logging into the server hosting SolarWinds Orion installation.

Step 2. Log in to the Customer Portal

Access the SolarWinds Customer Portal at https://customerportal.solarwinds.com/. Please click here if you haven’t registered yet.

Step 3. Download and Install the HotFix Installer

Click Downloads > Download Product. Ensure you selected the correct product and license tier to download the correct Online Installation file.
To install the hotfix on an Orion Platform server with Internet access. Select the product and license tier and download the Online Installation file. The Orion Installer downloads and installs the hotfix for you.
To install the hotfix on an Orion Platform server in the offline environment. Download the Hotfix Bundle for Products with Orion 2020.2.6, execute the installation file, and follow the installation wizard’s instructions.
After applying the fix, the issue should no longer occur. For more information, visit the 
Orion Platform 2020.2.6 Hotfix 3 guid

We hope this post would help you know How to Fix CVE-2021-35244- A Remote Code Execution Vulnerability in SolarWinds Orion Platform. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page in FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Vulnerabilities

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe