Etek

Join ETEK on LinkedIn for top cybersecurity insights and updates.

Blogs

Solarwinds present new vulnerability

Solarwinds software, known for its support in monitoring the availability and health of devices in many companies, is once again vulnerable in its Serv-U application unit used for file transfer.

Solarwinds has been one of the most widely deployed software in companies to monitor the availability and performance of their platforms, nevertheless in the past two years, it has presented several vulnerabilities.

On January 19, Microsoft disclosed details of a security flaw in the SolarWinds Serv-U software (used for information transfer), Microsoft said it was being exploited by malicious actors to launch attacks that take advantage of Log4j bugs to compromise targets.

The flaw was discovered by Microsoft security researcher Jonathan Bar when he was monitoring attacks that exploited security bugs in the Log4j library.

Vulnerability Details

The vulnerability listed by NIST as CVE-2021-35247 indicates that the problem is for “Input validation, which could allow attackers to create a query given some input and send that query over the unsecured network.”

The information found indicated that “Serv-U’s web login screen for LDAP authentication allowed unusual characters” however, the SolarWinds software vendor noted that “no downstream effect has been detected as LDAP servers ignore incorrect characters.” It is not clear if the attacks detected by Microsoft just attempted to exploit the flaw or if they were ultimately successful, so for now, only we advise an upgrade. The affected versions of Server-U are 15.2.5 or lower, but it has already been fixed in version 15.3.

Software Solarwinds
Serv-U Trasnfer File

Recommendations

Perform the Serv-U upgrade to version 15.3 recommended by SolarWinds.

https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247

Use cases *:

– Activity tracking of a possible Zero-day Attack.

– Recognition and/or Vulnerabilities.

More information can be found in the following sources associated with the news item:

LinkedIn
Facebook
Twitter
Print
Email

Apply Now