CVE-2016-4350

critical

Description

Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor (SRM) Profiler (formerly Storage Manager (STM)) before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) ScriptSchedule parameter in the ScriptServlet servlet; the (2) winEventId or (3) winEventLog parameter in the WindowsEventLogsServlet servlet; the (4) processOS parameter in the ProcessesServlet servlet; the (5) group, (6) groupName, or (7) clientName parameter in the BackupExceptionsServlet servlet; the (8) valDB or (9) valFS parameter in the BackupAssociationServlet servlet; the (10) orderBy or (11) orderDir parameter in the HostStorageServlet servlet; the (12) fileName, (13) sortField, or (14) sortDirection parameter in the DuplicateFilesServlet servlet; the (15) orderFld or (16) orderDir parameter in the QuantumMonitorServlet servlet; the (17) exitCode parameter in the NbuErrorMessageServlet servlet; the (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName, or (23) udfId parameter in the UserDefinedFieldConfigServlet servlet; the (24) sortField or (25) sortDirection parameter in the XiotechMonitorServlet servlet; the (26) sortField or (27) sortDirection parameter in the BexDriveUsageSummaryServlet servlet; the (28) state parameter in the ScriptServlet servlet; the (29) assignedNames parameter in the FileActionAssignmentServlet servlet; the (30) winEventSource parameter in the WindowsEventLogsServlet servlet; or the (31) name, (32) ipOne, (33) ipTwo, or (34) ipThree parameter in the XiotechMonitorServlet servlet.

References

http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm

http://www.zerodayinitiative.com/advisories/ZDI-16-249

http://www.zerodayinitiative.com/advisories/ZDI-16-250

http://www.zerodayinitiative.com/advisories/ZDI-16-251

http://www.zerodayinitiative.com/advisories/ZDI-16-252

http://www.zerodayinitiative.com/advisories/ZDI-16-253

http://www.zerodayinitiative.com/advisories/ZDI-16-254

http://www.zerodayinitiative.com/advisories/ZDI-16-255

http://www.zerodayinitiative.com/advisories/ZDI-16-256

http://www.zerodayinitiative.com/advisories/ZDI-16-257

http://www.zerodayinitiative.com/advisories/ZDI-16-258

http://www.zerodayinitiative.com/advisories/ZDI-16-259

http://www.zerodayinitiative.com/advisories/ZDI-16-260

http://www.zerodayinitiative.com/advisories/ZDI-16-261

http://www.zerodayinitiative.com/advisories/ZDI-16-262

http://www.zerodayinitiative.com/advisories/ZDI-16-263

http://www.zerodayinitiative.com/advisories/ZDI-16-264

http://www.zerodayinitiative.com/advisories/ZDI-16-265

http://www.zerodayinitiative.com/advisories/ZDI-16-266

http://www.zerodayinitiative.com/advisories/ZDI-16-267

http://www.zerodayinitiative.com/advisories/ZDI-16-268

http://www.zerodayinitiative.com/advisories/ZDI-16-269

http://www.zerodayinitiative.com/advisories/ZDI-16-270

http://www.zerodayinitiative.com/advisories/ZDI-16-271

http://www.zerodayinitiative.com/advisories/ZDI-16-272

Details

Source: MITRE

Published: 2016-05-09

Updated: 2016-05-16

Type: CWE-89

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL