Short Name |
HTTP:SOLARWINDS-AUTH-BYPASS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
SolarWinds Storage Manager AuthenticationFilter Authentication Bypass |
Release Date |
2014/11/24 |
Update Number |
2444 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
SolarWinds Storage Manager suffers from authentication bypass vulnerability. Successful exploitation could result in code execution under the context of the system.
The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors.