
    2 vulnerabilities found for orion_job_scheduler by solarwinds

    CVE-2021-31475 (GCVE-0-2021-31475)

    Vulnerability from nvd – Published: 2021-05-21 14:40 – Updated: 2024-08-03 23:03
    Summary
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007.
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    zdi
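    References
    • https://www.zerodayinitiative.com/advisories/ZDI-21-605/
    • https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm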
    Impacted products
    Vendor | Product | Version
    SolarWinds | Orion Job Scheduler | Affected: 2020.2.1 HF 2
    Credits
    Harrison Neal

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:03:32.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Orion Job Scheduler",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "2020.2.1 HF 2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harrison Neal"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-21T14:40:15.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-31475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Orion Job Scheduler",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2020.2.1 HF 2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "SolarWinds"
                  }
                ]
              }
            },
            "credit": "Harrison Neal",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-732: Incorrect Permission Assignment for Critical Resource"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
                },
                {
                  "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm",
                  "refsource": "MISC",
                  "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-31475",
        "datePublished": "2021-05-21T14:40:15.000Z",
        "dateReserved": "2021-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:03:32.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-31475 (GCVE-0-2021-31475)

    Vulnerability from cvelistv5 – Published: 2021-05-21 14:40 – Updated: 2024-08-03 23:03
    Summary
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007.
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    zdi
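    References
    • https://www.zerodayinitiative.com/advisories/ZDI-21-605/
    • https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm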
    Impacted products
    Vendor | Product | Version
    SolarWinds | Orion Job Scheduler | Affected: 2020.2.1 HF 2
    Credits
    Harrison Neal

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:03:32.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Orion Job Scheduler",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "2020.2.1 HF 2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harrison Neal"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-21T14:40:15.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-31475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Orion Job Scheduler",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2020.2.1 HF 2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "SolarWinds"
                  }
                ]
              }
            },
            "credit": "Harrison Neal",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-732: Incorrect Permission Assignment for Critical Resource"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-605/"
                },
                {
                  "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm",
                  "refsource": "MISC",
                  "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-5_release_notes.htm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-31475",
        "datePublished": "2021-05-21T14:40:15.000Z",
        "dateReserved": "2021-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:03:32.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }