Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2021-35237, CVE-2021-35236, CVE-2021-35231, CVE-2021-35233, CVE-2021-35235 |
CWE-ID | CWE-693, CWE-200, CWE-428 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Kiwi Syslog Server (Server applications / Other server solutions) |
Vendor | SolarWinds |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU57856
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35237
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
Description: The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a missing HTTP header (X-Frame-Options). A remote attacker can trick a victim into clicking an actionable item, hijack the user activity intended for the original server and send it to another server.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Kiwi Syslog Server: 9.7 - 9.7.2
http://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
http://www.solarwinds.com/trust-center/security-advisories/cve-2021-35237
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU57864
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35236
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the Secure flag is not set on the SSL cookie. A remote attacker can gain unauthorized access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Kiwi Syslog Server: 9.7 - 9.7.2
http://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
http://www.solarwinds.com/trust-center/security-advisories/cve-2021-35236
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU57859
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35231
CWE-ID:
CWE-428 - Unquoted Search Path or Element
Exploit availability: No
Description: The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an unquoted service path in the Installation Wizard. A local administrator can insert an executable into the path of the affected service and gain elevated privileges on the target system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Kiwi Syslog Server: 9.7 - 9.7.2
http://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
http://www.solarwinds.com/trust-center/security-advisories/cve-2021-35231
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU57858
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35233
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the HTTP TRACK and TRACE methods are enabled. A remote attacker can gain unauthorized access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Kiwi Syslog Server: 9.7 - 9.7.2
http://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
http://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35233
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU57857
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35235
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the ASP.NET debug feature is enabled by default. A remote attacker can start a debugging session and gain unauthorized access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Kiwi Syslog Server: 9.7 - 9.7.2
http://documentation.solarwinds.com/en/success_center/kss/content/release_notes/kss_9-8_release_notes.htm
http://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35235
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
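Added example, not part of the bulletin or of SolarWinds' code: an offline check that maps three of the findings above (missing X-Frame-Options, cookie without the Secure flag, TRACE/TRACK enabled) onto captured HTTP responses, so an upgraded instance can be confirmed clean. The sample responses, the cookie name `sid` and the function names are constructed for illustration; accepting a CSP `frame-ancestors` directive as an equivalent framing control is an assumption beyond the bulletin.

```python
def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status_code, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(head[0].split()[1])
    headers = []
    for line in head[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return status, headers


def audit(responses):
    """responses maps the HTTP method that was sent to the raw response received."""
    findings = []
    for method, raw in responses.items():
        status, headers = parse_response(raw)
        if method in ("TRACE", "TRACK"):
            # A 2xx answer means the server honoured the diagnostic method.
            if 200 <= status < 300:
                findings.append(f"CVE-2021-35233: {method} is enabled (status {status})")
            continue
        names = {n for n, _ in headers}
        csp = " ".join(v for n, v in headers if n == "content-security-policy")
        if "x-frame-options" not in names and "frame-ancestors" not in csp.lower():
            findings.append("CVE-2021-35237: no X-Frame-Options header")
        for n, v in headers:
            if n == "set-cookie":
                # Attributes follow the first ';' of the name=value pair.
                attrs = [a.strip().lower() for a in v.split(";")[1:]]
                if "secure" not in attrs:
                    cookie = v.split("=", 1)[0]
                    findings.append(f"CVE-2021-35236: cookie {cookie} lacks Secure")
    return findings


# Constructed sample captures (not taken from a real Kiwi Syslog Server).
BEFORE = {
    "GET": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
           "Set-Cookie: sid=abc123; path=/; HttpOnly\r\n\r\n<html></html>",
    "TRACE": "HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\nTRACE / HTTP/1.1\r\n",
    "TRACK": "HTTP/1.1 501 Not Implemented\r\n\r\n",
}
AFTER = {
    "GET": "HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n"
           "Set-Cookie: sid=abc123; path=/; HttpOnly; Secure\r\n\r\n",
    "TRACE": "HTTP/1.1 405 Method Not Allowed\r\n\r\n",
}

if __name__ == "__main__":
    print("\n".join(audit(BEFORE)) or "no findings")
```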