Command injection

2022-11-2921:15:00

PRIOn knowledge base

www.prio-n.com

solarwinds

command injection

vulnerability

remote adversary

arbitrary commands

0.002 Low

EPSS

Percentile

62.0%

JSON

SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.

CPENameOperatorVersion
orion_platformeq2020.2.6
orion_platformlt2020.2.6
orion_platformeq2020.2.6 hotfix1
orion_platformeq2020.2.6 hotfix2
orion_platformeq2020.2.6 hotfix3
orion_platformeq2020.2.6 hotfix4
orion_platformeq2020.2.6 hotfix5
orion_platformeq2022.2
orion_platformeq2022.3

Name	Operator	Version
orion_platform	eq	2020.2.6
orion_platform	lt	2020.2.6
orion_platform	eq	2020.2.6 hotfix1
orion_platform	eq	2020.2.6 hotfix2
orion_platform	eq	2020.2.6 hotfix3
orion_platform	eq	2020.2.6 hotfix4
orion_platform	eq	2020.2.6 hotfix5
orion_platform	eq	2022.2
orion_platform	eq	2022.3