CVE-2024-0692 - OpenCVE

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2023-4-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-0692

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: SolarWinds

Published: 2024-03-01T08:55:35.848Z

Updated: 2024-03-01T08:55:35.848Z

Reserved: 2024-01-18T16:13:31.605Z

Link: CVE-2024-0692

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-03-01T09:15:09.600

Modified: 2024-03-01T14:04:04.827

Link: CVE-2024-0692

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2024-0692", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2024-01-18T16:13:31.605Z", "datePublished": "2024-03-01T08:55:35.848Z", "dateUpdated": "2024-03-01T08:55:35.848Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Security Event Manager ", "vendor": "SolarWinds ", "versions": [{"status": "affected", "version": "2023.4 and previous versions "}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Anonymous working with Trend Micro Zero Day Initiative"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds\u2019 service, resulting in remote code execution."}], "value": "The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds\u2019 service, resulting in remote code execution."}], "impacts": [{"capecId": "CAPEC-201", "descriptions": [{"lang": "en", "value": "CAPEC-201: Serialized Data External Linking"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2024-03-01T08:55:35.848Z"}, "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-0692"}, {"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2023-4-1_release_notes.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nSolarWinds recommends that customers upgrade to the SolarWinds Security Event Manager 2023.4.1 "}], "value": "\nSolarWinds recommends that customers upgrade to the SolarWinds Security Event Manager 2023.4.1\u00a0"}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Security Event Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}