{"vulnerability": "cve-2021-35247", "sightings": [{"uuid": "60579e76-9a5e-4eba-bf02-5a8c3a35974b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "https://t.me/arpsyndicate/804", "content": "#ExploitObserverAlert\n\nCVE-2021-35247\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\n\nFIRST-EPSS: 0.008090000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-11-30T08:51:50.000000Z"}, {"uuid": "547ca9bc-88f6-4fdd-92d6-133491768c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "https://t.me/arpsyndicate/1457", "content": "#ExploitObserverAlert\n\nCVE-2021-35247\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\n\nFIRST-EPSS: 0.008090000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T10:40:28.000000Z"}, {"uuid": "574abb43-3d6d-48da-9aa3-883df3c606e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "https://t.me/true_secator/2540", "content": "\u200b\u200bSolarWinds \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Serv-U, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a Log4j \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0441\u0435\u0442\u0438.\n \nCVE-2021-35247 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0414\u0436\u043e\u043d\u0430\u0442\u0430\u043d\u043e\u043c \u0411\u0430\u0440 \u041e\u0440\u043e\u043c \u0438\u0437 Microsoft \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Log4j.\n \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441 \u0441 \u0443\u0447\u0435\u0442\u043e\u043c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0435\u0433\u043e \u0432 \u043d\u0435\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u043c \u0432\u0438\u0434\u0435. \u042d\u043a\u0440\u0430\u043d \u0432\u0435\u0431-\u0432\u0445\u043e\u0434\u0430 Serv-U \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 LDAP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u043c\u0432\u043e\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0447\u0438\u0449\u0435\u043d\u044b.\n \n\u041e\u0448\u0438\u0431\u043a\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Serv-U 15.3 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u0432\u0432\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0443. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 CVE-2021-35247.\n \n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043e\u043f\u0440\u043e\u0432\u0435\u0440\u0433 \u0432\u044b\u0432\u043e\u0434\u044b \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u044b LDAP \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u044b, \u0447\u0442\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0440\u0435\u0447\u0438\u0442 \u043e\u0442\u0447\u0435\u0442\u0430\u043c Microsoft.\n \n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u044f\u0441\u043d\u043e, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043b\u0438 \u0432 \u0438\u0442\u043e\u0433\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a Log4j, \u043a\u0430\u043a \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442 Microsoft, \u0438\u043b\u0438 \u0436\u0435 \u043f\u043e\u0442\u0435\u0440\u043f\u0435\u043b\u0438 \u043d\u0435\u0443\u0434\u0430\u0447\u0443. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0431\u044d\u043a\u0433\u0440\u0430\u0443\u043d\u0434 SolarWinds, \u043e\u0442\u0447\u0435\u0442\u044b Microsoft \u0432\u0441\u0435 \u0436\u0435 \u043a\u0430\u0436\u0443\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0430\u0432\u0434\u043e\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438.  \u041d\u043e \u043f\u043e\u0433\u043b\u044f\u0434\u0438\u043c.", "creation_timestamp": "2022-01-20T14:25:36.000000Z"}, {"uuid": "4be4ad9c-2807-445b-b49b-b7bbd5086bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971224", "content": "", "creation_timestamp": "2024-12-24T20:26:07.909014Z"}, {"uuid": "5d804e80-ce8a-4bad-b549-1e5bf57cc1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:30.000000Z"}, {"uuid": "4e3bb4a0-8c5c-49c8-9dcc-d991d1d6ad4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/94ed671e-799d-455e-bbec-1cdbebf05cdc", "content": "", "creation_timestamp": "2026-02-02T12:28:26.892850Z"}, {"uuid": "5c8880b1-2109-40eb-b870-be57d4641725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "2a58f8d9-babb-4416-ab47-cafeaf2d2aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-35247", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=727", "content": "", "creation_timestamp": "2022-01-24T04:00:00.000000Z"}, {"uuid": "d3d132d4-72d1-4843-b618-18ccc134b721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "exploited", "source": "https://t.me/thehackernews/1808", "content": "Microsoft has detected hackers exploiting a new zero-day vulnerability (CVE-2021-35247) in SolarWinds Serv-U software related to Log4j attacks.\n\nRead: https://thehackernews.com/2022/01/microsoft-hackers-exploiting-new.html\n\nServ-U version 15.3 has been released to patch the issue.", "creation_timestamp": "2022-01-20T06:00:50.000000Z"}, {"uuid": "4a8c59cf-1562-4782-aa5b-63659bb81e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/94ed671e-799d-455e-bbec-1cdbebf05cdc", "content": "", "creation_timestamp": "2026-02-02T12:28:26.892850Z"}]}