SB2022011720 - LDAP injection in SolarWinds Serv-U
Published: January 17, 2022
Security Bulletin ID
SB2022011720
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) LDAP injection (CVE-ID: CVE-2021-35247)
The vulnerability allows a remote attacker to send unexpected characters to the LDAP server.
The vulnerability exists due to improper input validation when processing DLAP queries in Serv-U web login screen. A remote non-authenticated attacker can send a specially crafted request that can bypass implemented filtration and influence the initial LDAP query.
Note: No downstream affect has been detected as the LDAP servers ignored improper characters.
Remediation
Install update from vendor's website.