Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Deserialization of Untrusted Data in Resource Controls Remote Code Execution
Vulnerability Description
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Solarwinds Orion Platform 代码问题漏洞
Vulnerability Description
Solarwinds Orion Platform是美国Solarwinds公司的一套网络故障和网络性能管理平台。该平台可对网络设备提供实时监测和分析,并支持定制网页介面、多种用户意见和对整个网络进行地图式浏览等。 Solarwinds Orion Platform 存在安全漏洞,该漏洞源于在 Patch Manager Orion 平台集成模块中发现了不受信任的数据从而引发了不安全的反序列化漏洞。攻击者可利用该漏洞导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A