Each authenticated Orion Platform user in an MSP (Managed Service Provider) environment can view and browse all NetPath Services from all of that MSP's customers. This can lead to any user having limited insight into other customers' infrastructure and to potential data cross-contamination.
SolarWinds recommends upgrading to the latest version of Network Performance Monitor 2020.2.6 Hotfix 2 as soon as it becomes available. All customers should review and implement all of the recommendations from the Orion Secure Configuration Guide.
Configurations
Workarounds
In the mentioned workaround, customers can restrict the viewing of access rights for non-admin users via the Orion UI:
https://support.solarwinds.com/SuccessCenter/s/article/Orion-NPM-NetPath-account-limitations?language=en_US
Exploits
Credits
SolarWinds would like to thank Preston Deason, Chad Larson, and Zachary Riezenman for reporting on the issue in a responsible manner.
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
ImportAlert Improper Access Control Tampering Vulnerability
Improper Access Control Tampering Vulnerability using the ImportAlert function, which can lead to Remote Code Execution (RCE) from the Alerts Settings page.