Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007.
CVSS Information
N/A
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
SolarWinds Orion Job Scheduler 安全漏洞
Vulnerability Description
SolarWinds Solarwinds Orion是SolarWinds公司的一个IT管理产品组合的核心。它提供了一个稳定且可扩展的体系结构,其中包括数据收集,处理,存储和表示。 SolarWinds Orion Job Scheduler 2020.2.1 HF 2 存在安全漏洞,该漏洞源于JobRouterService WCF service 的配置允许非特权用户访问,允许远程攻击者执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A