SB2021110219 - Multiple vulnerabilities in SolarWinds Kiwi Syslog Server

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Protection Mechanism Failure (CVE-ID: CVE-2021-35237)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing HTTP header (X-Frame-Options). A remote attacker can trick a victim to click on an actionable item, hijack the user activity intended for the original server and send them to the other server.

2) Information disclosure (CVE-ID: CVE-2021-35236)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the Secure flag is not set in the SSL Cookie. A remote attacker can gain unauthorized access to sensitive information on the system.

3) Unquoted Search Path or Element (CVE-ID: CVE-2021-35231)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an unquoted service path in the Installation Wizard. A local administrator can insert an executable into the path of the affected service and gain elevated privileges on the target system.

4) Information disclosure (CVE-ID: CVE-2021-35233)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the HTTP TRACK & TRACE methods are enabled. A remote attacker can gain unauthorized access to sensitive information on the system.

5) Information disclosure (CVE-ID: CVE-2021-35235)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the ASP.NET debug feature is enabled by default. A remote attacker can start a debugging session and gain unauthorized access to sensitive information on the system.

Remediation

Install update from vendor's website.

References

• https://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
• https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35237
• https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35236
• https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35231
• https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35233
• https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35235