PT-2020-16131 · SolarWinds · SolarWinds N-Central

Fabian Ullrich · Published 2020-12-16 · Updated 2020-12-21 · CVE-2020-25619

CVSS v3.1: 4.4 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SolarWinds N-Central version 12.3.0.670

Description

An issue was discovered in the SSH component of SolarWinds N-Central, where it does not restrict the communication channel to intended endpoints. This allows an attacker to leverage an SSH feature, specifically port forwarding with a temporary key pair, to access network services on the 127.0.0.1 interface. This feature was originally intended only for user-to-agent communication.

Recommendations

For SolarWinds N-Central version 12.3.0.670, consider restricting access to the SSH component until a patch is available. As a temporary workaround, disabling the port forwarding feature with temporary key pairs may help minimize the risk of exploitation.

Related Identifiers

CVE-2020-25619

Affected Products

SolarWinds N-Central