Security patch: Attacks on IT management platform SolarWinds possible
The SolarWinds developers have closed several security gaps in their software. Attackers can cause crashes, for example.
(Image: Photon photo/Shutterstock.com)
Administrators use SolarWinds to manage IT devices and administer databases. Due to several vulnerabilities, attackers can attack the software and execute their own commands, among other things.
Several security vulnerabilities
As can be seen from a press release on the current secured version 2024.2, the developers have directly closed three gaps in the management platform (CVE-2024-28996 "high", CVE-2024-28999 "medium", CVE-2024-29004 "high"). Among other things, attackers can use these to launch a persistent XSS attack. In this case, they can execute their own code when calling the web console. However, an attacker requires high user rights in advance and a victim must also play along.
A further eleven vulnerabilities affect various third-party components such as OpenSSL. The majority of the vulnerabilities, some of which are already seven years old, are classified as "high". If attackers successfully exploit one of the vulnerabilities, they can cause DoS states. In such a case, software usually crashes.
Patch now!
There have been no reports of ongoing attacks to date. Nevertheless, admins should install the 2024.2 release, which is equipped against the attacks described, as soon as possible.
In the warning message, the developers point out that support has already expired for some older SolarWinds versions. These versions will no longer receive security updates. For example, patch support for SolarWinds 2022.4 will expire in July of this year. This was the case for 2022.3 in March of this year.
Those responsible have compiled the upgrade options in a support document.
(des)
