FKIE_CVE-2020-7984

Vulnerability from fkie_nvd - Published: 2020-01-26 21:15 - Updated: 2024-11-21 05:38
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the agent/appliance configuration.
References
cve@mitre.orghttps://blog.huntresslabs.com/validating-the-solarwinds-n-central-dumpster-diver-vulnerability-5e3a045982e5Exploit, Patch, Third Party Advisory
cve@mitre.orghttps://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-1-SP1-HF5Permissions Required, Vendor Advisory
cve@mitre.orghttps://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-2-SP1-HF2Permissions Required, Vendor Advisory
cve@mitre.orghttps://github.com/flipflopfpvThird Party Advisory
cve@mitre.orghttps://packetstormsecurity.com/files/156033Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttps://success.solarwindsmsp.com/kb/solarwinds_n-central/How-to-Expunge-credentials-for-Customer-levels-of-SolarWinds-N-centralPatch, Vendor Advisory
cve@mitre.orghttps://twitter.com/SecurityNewsbot/status/1219722631898812416Third Party Advisory
cve@mitre.orghttps://www.crn.com/news/managed-services/solarwinds-rmm-tool-has-open-zero-day-exploit-huntress-labsThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://blog.huntresslabs.com/validating-the-solarwinds-n-central-dumpster-diver-vulnerability-5e3a045982e5Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-1-SP1-HF5Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-2-SP1-HF2Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/flipflopfpvThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://packetstormsecurity.com/files/156033Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://success.solarwindsmsp.com/kb/solarwinds_n-central/How-to-Expunge-credentials-for-Customer-levels-of-SolarWinds-N-centralPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://twitter.com/SecurityNewsbot/status/1219722631898812416Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.crn.com/news/managed-services/solarwinds-rmm-tool-has-open-zero-day-exploit-huntress-labsThird Party Advisory
Impacted products
Vendor Product Version
solarwinds n-central *
solarwinds n-central *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:solarwinds:n-central:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6491E4-72F5-4F8D-AEAA-6DA7590F6FAB",
              "versionEndExcluding": "12.1.1.404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:solarwinds:n-central:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5357BA14-B1C9-4E9F-9412-8961014B38A1",
              "versionEndExcluding": "12.2.1.280",
              "versionStartIncluding": "12.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent \u0026 Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the agent/appliance configuration."
    },
    {
      "lang": "es",
      "value": "SolarWinds N-central versiones anteriores a 12.1 SP1 HF5 y versiones 12.2 anteriores a SP1 HF2, permite a atacantes remotos recuperar credenciales de administrador de dominio de texto sin cifrar de la configuraci\u00f3n de Agent \u0026amp; Probe, y obtener otra informaci\u00f3n confidencial. El atacante puede utilizar un ID de cliente para registrarse a si mismo y leer cualquier aspecto de la configuraci\u00f3n de agent/appliance."
    }
  ],
  "id": "CVE-2020-7984",
  "lastModified": "2024-11-21T05:38:08.713",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T21:15:10.387",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://blog.huntresslabs.com/validating-the-solarwinds-n-central-dumpster-diver-vulnerability-5e3a045982e5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-1-SP1-HF5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-2-SP1-HF2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/flipflopfpv"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/156033"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.solarwindsmsp.com/kb/solarwinds_n-central/How-to-Expunge-credentials-for-Customer-levels-of-SolarWinds-N-central"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/SecurityNewsbot/status/1219722631898812416"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.crn.com/news/managed-services/solarwinds-rmm-tool-has-open-zero-day-exploit-huntress-labs"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://blog.huntresslabs.com/validating-the-solarwinds-n-central-dumpster-diver-vulnerability-5e3a045982e5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-1-SP1-HF5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://community.solarwindsmsp.com/Support/Software-Downloads/MSP-N-Central/MSP-N-central-12-2-SP1-HF2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/flipflopfpv"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/156033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.solarwindsmsp.com/kb/solarwinds_n-central/How-to-Expunge-credentials-for-Customer-levels-of-SolarWinds-N-central"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/SecurityNewsbot/status/1219722631898812416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.crn.com/news/managed-services/solarwinds-rmm-tool-has-open-zero-day-exploit-huntress-labs"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.