CVE-2020-25619
N/A
N/A
Summary
An issue was discovered in SolarWinds N-Central 12.3.0.670. The SSH component does not restrict the Communication Channel to Intended Endpoints. An attacker can leverage an SSH feature (port forwarding with a temporary key pair) to access network services on the 127.0.0.1 interface, even though this feature was only intended for user-to-agent communication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://support.solarwinds.com/SuccessCenter/s/
- https://ernw.de/en/publications.html
- https://insinuator.net/2020/12/security-advisories-for-solarwinds-n-central/
References
- https://support.solarwinds.com/SuccessCenter/s/
- https://ernw.de/en/publications.html
- https://insinuator.net/2020/12/security-advisories-for-solarwinds-n-central/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.