Vulnerability Description
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may be abused by an attacker to execute commands as the SYSTEM user.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Orion Network Performance Monitor | < 12.4 |
References
- http://www.securityfocus.com/bid/107061Third Party AdvisoryVDB Entry
- https://github.com/VerSprite/research/blob/master/advisories/VS-2019-001.mdThird Party Advisory
- http://www.securityfocus.com/bid/107061Third Party AdvisoryVDB Entry
- https://github.com/VerSprite/research/blob/master/advisories/VS-2019-001.mdThird Party Advisory
FAQ
What is CVE-2019-8917?
CVE-2019-8917 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unaut...
How severe is CVE-2019-8917?
CVE-2019-8917 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-8917?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Orion Network Performance Monitor.