What is CVE-2022-36958?

CVE-2022-36958 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor.

Is authentication required to exploit CVE-2022-36958?

Yes, authentication is required to exploit CVE-2022-36958.

What is the severity of CVE-2022-36958?

CVE-2022-36958 has a severity value of 8.8, which is considered high.

Which software is affected by CVE-2022-36958?

CVE-2022-36958 affects SolarWinds Network Performance Monitor (versions 2020.2.6 to 2022.3) and SolarWinds Orion Platform (versions 2020.2.6 to 2022.3).

Where can I find more information about CVE-2022-36958?

You can find more information about CVE-2022-36958 on the SolarWinds Trust Center website and the Zero Day Initiative website.

Vulnerability/
CVE-2022-36958

high

8.8

CWE

502

19/10/2022

3/8/2024

CVE-2022-36958: SolarWinds Network Performance Monitor DeserializeFromStrippedXml Deserialization of Untrusted Data Remote Code Execution Vulnerability

First published: Wed Oct 19 2022(Updated: )

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.

Credit: psirt@solarwinds.com

Affected Software	Affected Version	How to fix
SolarWinds Orion Platform	<2020.2.6
SolarWinds Orion Platform	=2020.2.6
SolarWinds Orion Platform	=2020.2.6-hotfix1
SolarWinds Orion Platform	=2020.2.6-hotfix2
SolarWinds Orion Platform	=2020.2.6-hotfix3
SolarWinds Orion Platform	=2020.2.6-hotfix4
SolarWinds Orion Platform	=2020.2.6-hotfix5
SolarWinds Orion Platform	=2022.2
SolarWinds Orion Platform	=2022.3

Remedy

SolarWinds recommends customers upgrade to SolarWinds Platform version 2022.4 as soon as possible.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-36958?
CVE-2022-36958 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor.
Is authentication required to exploit CVE-2022-36958?
Yes, authentication is required to exploit CVE-2022-36958.
What is the severity of CVE-2022-36958?
CVE-2022-36958 has a severity value of 8.8, which is considered high.
Which software is affected by CVE-2022-36958?
CVE-2022-36958 affects SolarWinds Network Performance Monitor (versions 2020.2.6 to 2022.3) and SolarWinds Orion Platform (versions 2020.2.6 to 2022.3).
Where can I find more information about CVE-2022-36958?
You can find more information about CVE-2022-36958 on the SolarWinds Trust Center website and the Zero Day Initiative website.

collector/nvd-index
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/remedy
agent/severity
agent/title
agent/weakness
agent/last-modified-date
agent/tags
agent/description
agent/softwarecombine
agent/event
agent/first-publish-date
collector/zdi-advisory
source/ZDI
alias/ZDI-22-1459
alias/ZDI-CAN-17567
alias/CVE-2022-36958
agent/software-canonical-lookup
vendor/solarwinds
canonical/solarwinds orion platform
version/solarwinds orion platform/2020.2.6
version/solarwinds orion platform/2020.2.6-hotfix1
version/solarwinds orion platform/2020.2.6-hotfix2
version/solarwinds orion platform/2020.2.6-hotfix3
version/solarwinds orion platform/2020.2.6-hotfix4
version/solarwinds orion platform/2020.2.6-hotfix5
version/solarwinds orion platform/2022.2
version/solarwinds orion platform/2022.3
canonical/solarwinds network performance monitor