Detections
Analytics
SolarWinds Orion NPM < 10.3.1 Multiple Vulnerabilities
medium Nessus Plugin ID 62118
Language:
Synopsis
The remote web server hosts a web application that is affected by multiple vulnerabilities.Description
The remote web server hosts a version of SolarWinds Orion NPM prior to 10.3.1. It is, therefore, affected by the following vulnerabilities :- Multiple cross-site scripting vulnerabilities exist that allow arbitrary web scripts to be injected via the 'syslocation', 'syscontact', or 'sysName' fields of an 'snmpd.conf' file. (CVE-2012-2577)
- Multiple cross-site request forgery vulnerabilities exist that allow remote attackers to hijack the authentication of administrators for requests to create user accounts or modify their privileges via the 'CreateUserStepContainer' or 'ynAdminRights' actions to 'OrionAccount.aspx' or 'EditAccount.aspx' respectively. (CVE-2012-2602)
- An unspecified SQL injection vulnerability exists.
Solution
Upgrade to SolarWinds Orion NPM 10.3.1 or later.See Also
Plugin Details
Severity: Medium
ID: 62118
File Name: solarwinds_orion_npm_10_3_1.nasl
Version: 1.9
Type: remote
Family: CGI abuses
Published: 9/17/2012
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:solarwinds:orion_network_performance_monitor
Required KB Items: installed_sw/SolarWinds Orion Core
Exploit Available: true
Exploit Ease: No exploit is required
Patch Publication Date: 8/1/2012
Vulnerability Publication Date: 7/21/2012
Reference Information
CVE: CVE-2012-2577, CVE-2012-2602
BID: 54624