The version of SolarWinds Storage Resource Monitor (SRM) Profiler (formerly SolarWinds Storage Manager) running on the remote host is prior to 6.2.3. It is, therefore, affected by multiple vulnerabilities :

  - A man-in-the-middle (MitM) information disclosure     vulnerability, known as POODLE, exists due to the way     SSL 3.0 handles padding bytes when decrypting messages     encrypted using block ciphers in cipher block chaining     (CBC) mode. A MitM attacker can decrypt a selected byte     of a cipher text in as few as 256 tries if they are able     to force a victim application to repeatedly send the     same data over newly created SSL 3.0 connections.
    (CVE-2014-3566)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

  - Multiple SQL injection vulnerabilities exist due to a     failure by various servlets to properly sanitize the     user-supplied input to their parameters. An     unauthenticated, remote attacker can exploit these     vulnerabilities to inject or manipulate SQL queries     against the back-end database, resulting in the     disclosure or manipulation of arbitrary data     (CVE-2016-4350).

    The following servlets are affected :

      - BackupAssociationServlet
      - BackupExceptionsServlet
      - BexDriveUsageSummaryServlet
      - DuplicateFilesServlet
      - FileActionAssignmentServlet
      - HostStorageServlet
      - NbuErrorMessageServlet
      - ProcessesServlet
      - QuantumMonitorServlet
      - ScriptServlet
      - UserDefinedFieldConfigServlet
      - WindowsEventLogsServlet
      - XiotechMonitorServlet

  - A SQL injection (SQLi) vulnerability exists in the     RunScript.jsp script due to improper sanitization of     user-supplied input before using it in SQL queries. An     unauthenticated, remote attacker can exploit this to     inject or manipulate SQL queries in the back-end     database, resulting in the disclosure and manipulation     of arbitrary data.

  - A path traversal vulnerability exists due to improper     sanitization of user-supplied input. An unauthenticated,     remote attacker can exploit this, via a specially     crafted request, to disclose sensitive information.

Detections

Analytics

SolarWinds Storage Resource Monitor Profiler < 6.2.3 Multiple Vulnerabilities (Logjam) (POODLE)

critical Nessus Plugin ID 91123

Version 1.11

Version 1.10

Version 1.11 Jun 23, 2023, 2:15 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202306231415
Version 1.10 Dec 6, 2022, 6:53 AM Reference Plugin Feed: 202212060653