SolarWinds Orion Fixes Another Critical RCE Vulnerability
Enterprise IT management software maker SolarWinds released a security update on Thursday, March 25th, that addresses four vulnerabilities in the Orion platform.
Two of the fixed vulnerabilities (no CVE IDs have been assigned to them yet) allow remote code execution. The more dangerous of the two is a JSON deserialization vulnerability: it allows an authorized user to execute arbitrary code through the test notification function of the Orion web console, which simulates network events (for example, a server that stops responding) in order to trigger the corresponding notifications.
The second affects the Orion Job Scheduler; to exploit it, however, an attacker must first obtain the credentials of an unprivileged local user on the Orion server.
Another high-severity vulnerability is CVE-2020-35856, a cross-site scripting (XSS) issue in the Add Users tab of the View Settings page. Exploiting it requires Orion platform administrator rights.
The fourth vulnerability (CVE-2021-3109) is a reverse tabnabbing / open redirect issue on the menu settings page and is rated medium severity. Exploiting it also requires Orion platform administrator rights.
To avoid attacks exploiting the vulnerabilities above, users are strongly advised to upgrade to Orion Platform 2020.2.5.