9.8
CRITICAL
CVE-2016-4350
SolarWinds Storage Resource Monitor (SRM) Profiler SQL Injection Vulnerabilities
Description

Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor (SRM) Profiler (formerly Storage Manager (STM)) before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) ScriptSchedule parameter in the ScriptServlet servlet; the (2) winEventId or (3) winEventLog parameter in the WindowsEventLogsServlet servlet; the (4) processOS parameter in the ProcessesServlet servlet; the (5) group, (6) groupName, or (7) clientName parameter in the BackupExceptionsServlet servlet; the (8) valDB or (9) valFS parameter in the BackupAssociationServlet servlet; the (10) orderBy or (11) orderDir parameter in the HostStorageServlet servlet; the (12) fileName, (13) sortField, or (14) sortDirection parameter in the DuplicateFilesServlet servlet; the (15) orderFld or (16) orderDir parameter in the QuantumMonitorServlet servlet; the (17) exitCode parameter in the NbuErrorMessageServlet servlet; the (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName, or (23) udfId parameter in the UserDefinedFieldConfigServlet servlet; the (24) sortField or (25) sortDirection parameter in the XiotechMonitorServlet servlet; the (26) sortField or (27) sortDirection parameter in the BexDriveUsageSummaryServlet servlet; the (28) state parameter in the ScriptServlet servlet; the (29) assignedNames parameter in the FileActionAssignmentServlet servlet; the (30) winEventSource parameter in the WindowsEventLogsServlet servlet; or the (31) name, (32) ipOne, (33) ipTwo, or (34) ipThree parameter in the XiotechMonitorServlet servlet.

INFO

Published Date :

May 9, 2016, 8:59 p.m.

Last Modified :

May 16, 2016, 1:52 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2016-4350 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Solarwinds storage_resource_monitor
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2016-4350.

URL Resource
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-16-249
http://www.zerodayinitiative.com/advisories/ZDI-16-250
http://www.zerodayinitiative.com/advisories/ZDI-16-251
http://www.zerodayinitiative.com/advisories/ZDI-16-252
http://www.zerodayinitiative.com/advisories/ZDI-16-253
http://www.zerodayinitiative.com/advisories/ZDI-16-254
http://www.zerodayinitiative.com/advisories/ZDI-16-255
http://www.zerodayinitiative.com/advisories/ZDI-16-256
http://www.zerodayinitiative.com/advisories/ZDI-16-257
http://www.zerodayinitiative.com/advisories/ZDI-16-258
http://www.zerodayinitiative.com/advisories/ZDI-16-259
http://www.zerodayinitiative.com/advisories/ZDI-16-260
http://www.zerodayinitiative.com/advisories/ZDI-16-261
http://www.zerodayinitiative.com/advisories/ZDI-16-262
http://www.zerodayinitiative.com/advisories/ZDI-16-263
http://www.zerodayinitiative.com/advisories/ZDI-16-264
http://www.zerodayinitiative.com/advisories/ZDI-16-265
http://www.zerodayinitiative.com/advisories/ZDI-16-266
http://www.zerodayinitiative.com/advisories/ZDI-16-267
http://www.zerodayinitiative.com/advisories/ZDI-16-268
http://www.zerodayinitiative.com/advisories/ZDI-16-269
http://www.zerodayinitiative.com/advisories/ZDI-16-270
http://www.zerodayinitiative.com/advisories/ZDI-16-271
http://www.zerodayinitiative.com/advisories/ZDI-16-272

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2016-4350 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2016-4350 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    May. 16, 2016

    Action Type Old Value New Value
    Added CPE Configuration Configuration 1 OR *cpe:2.3:a:solarwinds:storage_resource_monitor:6.2.1:*:*:*:*:*:*:* (and previous)
    Added CVSS V2 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Added CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm No Types Assigned http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm Advisory
    Added CWE CWE-89
  • Initial Analysis by [email protected]

    May. 10, 2016

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2016-4350 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

96.43 }} 0.16%

score

0.99450

percentile

CVSS30 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability