Home  >  CVE-2021-25274
CVE Details for CVE: CVE-2021-25274
Summary
The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.
Timestamps
Last major update 08-02-2021 - 14:56
Published 03-02-2021 - 17:15
Last modified 08-02-2021 - 14:56
References
Vulnerable Configurations
  • cpe:2.3:a:solarwinds:orion_platform:2016.1:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.1:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.1:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.2:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.2:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.2:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.2:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2016.2:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2016.2:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.1:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.1:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.1:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix5:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2017.3:hotfix5:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix5:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix5:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix6:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.2:hotfix6:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.4:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.4:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2018.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.2:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.2:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.2:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2019.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2019.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2020.2:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2020.2:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2020.2.1:-:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2020.2.1:-:*:*:*:*:*:*
  • cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
  • An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.
CWE
CWE-502
CVSS
Base
10.0
Impact
10.0
Exploitability
10.0
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
CVSS3
Base
9.8
Impact
5.9
Exploitability
3.9
Access
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK NONE UNCHANGED NONE
Impact
ConfidentialityIntegrityAvailability
HIGH HIGH HIGH
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:N/C:C/I:C/A:C
cvss3-vector via4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H