Description:
Multiple vulnerabilities have been reported in SolarWinds Orion Platform and SolarWinds Network Performance Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, manipulate certain data, and compromise a vulnerable system.
Software Vulnerability Manager (SVM)
Login to your SVM console and go to results > Advisory Smart Groups > Zero-day Advisories > Click on All Advisories Check box
Software Vulnerability Research (SVR)
Login to your SVR console and go to Research > Type in Solarwinds in the search bar
Solution:
Update to version 2019.4 HF 6 or 2020.2.1 HF 1. Note: The vendor additionally recommends to update to version 2020.2.1 HF 2 when available (scheduled to be released on December 15, 2020).
Dec 16, 2020 04:15 AM - edited Dec 16, 2020 08:59 AM