SolarWinds Orion Job Scheduler Remote Code Execution Vulnerability (CVE-2021-31475)
Summary
The vulnerability allows authenticated remote code execution (RCE) as Administrator. To exploit it, an attacker must first know the credentials of an unprivileged local account on the Orion Server.
Affected Products
- Orion Platform 2020.2.1 HF2 and earlier
Fixed Software Release
Acknowledgments
- Harrison Neal
- ZDI Trend Micro
Advisory Details
- Severity: 8.8 High
- Advisory ID: CVE-2021-31475
- First Published: 03/25/2021
- Fixed Version: Orion Platform 2020.2.5