Short Name |
APP:MISC:SOLARWDS-DAMEWARE-ID |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
SolarWinds DameWare Mini Remote Control Information Disclosure |
Release Date |
2019/11/28 |
Update Number |
3228 |
Supported Platforms |
srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against SolarWinds DameWare Mini Remote Control. A successful attack can lead to sensitive information disclosure.
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information.