Security Alert (A22-01-19): Vulnerability in SolarWinds Serv-U File Server


 

Published on: 24 January 2022

  
  

Description:

SolarWinds has released a security advisory to address an improper input validation vulnerability (CVE-2021-35247) in Serv-U File Server. An attacker could send a specially crafted LDAP query to exploit the vulnerability.

 

Affected Systems:

  • SolarWinds Serv-U File Server with version prior to 15.3

 

Impact:

A successful exploitation could lead to security feature bypass on an affected system.

 

Recommendation:

Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247
  • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35247

 



Tag: SolarWinds , Serv-U
Tags