Access Restriction Bypass Via Referrer Spoof – Business Logic Bypass Vulnerability (CVE-2021-32076) – Fixed in WHD 12.7.6.

At this point, we have no reason to believe other customers were impacted.

According to BleepingComputer, even though SolarWinds did not share specifics on the tools or tactics used in the assault, there are at least four separate security flaws that an attacker may exploit to target an unpatched WHD instance:

While we are investigating this matter, we have also alerted other customers about this potential issue out of an abundance of caution. We received a report from one customer about an attempted attack that was not successful. SolarWinds is working with the customer to investigate the report even though the company hasn’t been able to reproduce the scenario. If you are not able to remove it from your public infrastructure at this time, we recommend you ensure you have EDR software deployed, and are monitoring the WHD instance.

Customers who cannot immediately remove WHD instances from Internet-exposed servers are advised to deploy EDR software and monitor them for attack attempts. In an abundance of caution, SolarWinds recommends all Web Help Desk customers whose WHD implementation is externally facing to remove it from your public (internet-facing) infrastructure until we know more. We have not been able to reproduce the scenario, and are working with the customer to further the investigation. SolarWinds is currently investigating this report. The customer’s endpoint detection and response (EDR) system blocked the attack and alerted the customer to the issue.

WHD is corporate helpdesk ticketing and IT inventory management software that is meant to assist clients in automating ticketing and IT asset management operations.

A SolarWinds customer reported an external attempted attack on their instance of Web Help Desk (WHD) 12.7.5.

SolarWinds alerted clients about assaults on Internet-exposed Web Help Desk (WHD) instances and recommended that they be removed from publicly accessible infrastructure (likely to prevent the exploitation of a potential security flaw). It’s important to note that following this cyberattack, the US Congress became interested in enacting a federal law requiring breach notifications. SolarWinds Corporation is a company based in the United States that creates software to assist organizations in managing their networks, systems, and information technology infrastructure.

Back in 2020 SolarWinds was affected by a large-scale cyber incident in which attackers injected malware into some routine software updates, as they were being rolled out to as many as 18,000 government entities and Fortune 500 companies, all clients of SolarWinds.