• Home
  • |
  • Blog
  • |
  • How To Fix CVE-2021-35244- A Remote Code Execution Vulnerability In SolarWinds Orion Platform
How to Fix CVE-2021-35244- A Remote Code Execution Vulnerability in SolarWinds Orion Platform

Recently, SolarWinds has responded to a remote code execution vulnerability found in the SolarWinds Orion Platform. It’s a pre-authenticated vulnerability with a CVSS score of 8.8 out of 10, which is high. There is a need to fix it. This post will see how to fix CVE-2021-35244- A Remote Code Execution vulnerability in the SolarWinds Orion Platform. 

Solarwinds Orion Platform:

The SolarWinds Orion Platform is a robust, scalable infrastructure monitoring and management platform designed to simplify the IT administration for hybrid, software as a service (SaaS), and hybrid environments in one place. With the SolarWinds Orion Platform, there is no need to struggle with various incompatible point monitoring products. It consolidates the entire suite of monitoring capabilities into single platforms with cross-stack integrated functionality. 

Summary Of The CVE-2021-35244:

The flaw exists because applications do not follow security restrictions properly. A remote user with Orion alert management privileges can leverage this vulnerability for performing an unrestricted file upload that causes a remote code execution

SolarWind Says, “The ‘Log alert to a file’ action inside the action management enables Orion Platform users with Orion alert management rights to write to a file. An attacker with Orion alert management privileges could use this vulnerability to perform an unrestricted file upload that can cause remote code execution.”

Associated CVE IDCVE-2021-35244
DescriptionA Remote Code Execution Vulnerability in SolarWinds Orion Platform
Associated ZDI IDZDI-CAN-13664
CVSS Score8.8 High
VectorCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)Low
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Version Affected By CVE-2021-35244- A Remote Code Execution

The Orion Platform from v2020.2.6 to v2020.2.6 HF2 are affected by the CVE-2021-35244 vulnerability.

Known Affected Software Configurations are:

  1. cpe:2.3:a:solarwinds:orion_platform
  2. cpe:2.3:a:solarwinds:orion_platform:2020.2.6
  3. cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1
  4. cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2

How To Fix CVE-2021-35244- A remote Code Execution Vulnerability?

The vulnerability is known to affect confidentiality, integrity, and availability. We recommend to install the hotfix released by SolarWinds to fix the CVE-2021-35244 vulnerability. Follow the steps to install the hotfix.

How to Install the HotFix on the SolarWinds Orion Platform?

It is possible to install HotFix in both online and offline environments. You should have an admin login of the SolarWinds Orion server and SolarWinds customer portal.

  1. Log in to the server hosting SolarWinds Orion

    Use an administrator account for logging into the server hosting SolarWinds Orion installation.

  2. Log in to the Customer Portal

    Access the SolarWinds Customer Portal at https://customerportal.solarwinds.com/. Please click here if you haven’t registered yet.

  3. Download and Install the HotFix Installer

    Click Downloads > Download Product. Ensure you selected the correct product and license tier to download the correct Online Installation file.

    To install the hotfix on an Orion Platform server with Internet access. Select the product and license tier and download the Online Installation file. The Orion Installer downloads and installs the hotfix for you.

    To install the hotfix on an Orion Platform server in the offline environment. Download the Hotfix Bundle for Products with Orion 2020.2.6, execute the installation file, and follow the installation wizard’s instructions.

    After applying the fix, the issue should no longer occur. For more information, visit the Orion Platform 2020.2.6 Hotfix 3 guid

We hope this post will help you know How to Fix CVE-2021-35244- A Remote Code Execution Vulnerability in SolarWinds Orion Platform. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page in FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.