Description
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload, resulting in remote code execution.
References (4)
Core References
Not Applicable, Vendor Advisory x_refsource_misc
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242
Vendor Advisory x_refsource_misc
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm
Release Notes, Vendor Advisory x_refsource_misc
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3?language=en_US
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-22-375/
Scores
CVSS v3
6.8
EPSS
0.2395
EPSS Percentile
96.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L
Details
CWE
CWE-434
Status
published
Products (2)
solarwinds/orion_platform
2020.2.6 (3 CPE variants)
solarwinds/orion_platform
< 2020.2.6
Published
Dec 20, 2021
Tracked Since
Feb 18, 2026