First published: Fri Mar 01 2019(Updated: )
SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SolarWinds Orion Platform | <2018.4 | |
SolarWinds Orion Platform | =2018.4 | |
SolarWinds Orion Platform | =2018.4-hotfix1 | |
<2018.4 | ||
=2018.4 | ||
=2018.4-hotfix1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-9546 is a vulnerability in SolarWinds Orion Platform before 2018.4 Hotfix 2 that allows privilege escalation through the RabbitMQ service.
CVE-2019-9546 has a severity rating of 9.8 (critical).
SolarWinds Orion Platform versions up to and excluding 2018.4 are affected, as well as version 2018.4 and hotfix 2018.4-hotfix1.
To fix CVE-2019-9546, install SolarWinds Orion Platform 2018.4 Hotfix 2 or a later version.
More information about CVE-2019-9546 can be found at the following references: [link 1](https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md), [link 2](https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability), [link 3](https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2)