SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on vulnerable instances.
The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), was described as a deserialization bug.
“SolarWinds Web Help Desk has been found to be vulnerable to a remote Java deserialization code execution vulnerability that, if exploited, would allow an attacker to execute commands on a host machine,” the company said in an advisory.
“Although this was reported as an unauthenticated vulnerability, SolarWinds was unable to reproduce it without authentication after extensive testing.”
The vulnerability affects all versions of SolarWinds Web Help Desk up to and including 12.8.3. It was addressed in patch version 12.8.3 HF 1.
The disclosure comes after Palo Alto Networks patched a high-severity vulnerability affecting Cortex XSOAR that could lead to command injection and code execution.
Tracked as CVE-2024-5914 (CVSS score: 7.0), the flaw affects all versions of Cortex XSOAR CommonScripts prior to 1.12.33.
“A command injection vulnerability in the Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands in the context of an integration container,” the company said.
“To be exposed, the integration must use the ScheduleGenericPolling or GenericPollingScheduledTask scripts from the CommonScripts package.”
Palo Alto Networks is also addressing two medium-severity issues listed below –
- CVE-2024-5915 (CVSS Score: 5.2) – Privilege elevation (PE) vulnerability in GlobalProtect on Windows devices that allows a local user to execute programs with elevated privileges
- CVE-2024-5916 (CVSS Score: 6.0) – An information disclosure vulnerability in PAN-OS software that could allow a local system administrator to access secrets, passwords, and tokens of external systems
Users are advised to update to the latest version to reduce potential risks. As a precaution, it is also recommended to revoke the secrets, passwords, and tokens that are configured in the PAN-OS firewalls after the upgrade.