SolarWinds.Orion.Local.File.Inclusion

description-logoDescription

This indicates an attack attempt to exploit a Local File Inclusion vulnerability in SolarWinds Orion.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted request. A remote attacker may be able to exploit this to gain access to sensitive information.

affected-products-logoAffected Products

SolarWinds Orion before 2019.4 HF 6 or 2020.2.1 HF 2

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor:
https://www.solarwinds.com/securityadvisory

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-02-22 17.020 Default_action:pass:drop
2021-01-04 16.990