CVE-2019-8917
CRITICALSolarwinds Orion Network Performance Monitor - Remote Code Execution
Title source: ruleDescription
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may be abused by an attacker to execute commands as the SYSTEM user.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107061
Third Party Advisory x_refsource_misc
https://github.com/VerSprite/research/blob/master/advisories/VS-2019-001.md
Scores
CVSS v3
9.8
EPSS
0.3598
EPSS Percentile
97.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
solarwinds/orion_network_performance_monitor
< 12.4
Published
Feb 18, 2019
Tracked Since
Feb 18, 2026