Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:SOLARWINDS-POLICYBYPASS
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	SolarWinds Firewall Security Manager userlogin.jsp Policy Bypass
Release Date	2015/03/20
Update Number	2477
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: SolarWinds Firewall Security Manager userlogin.jsp Policy Bypass

A policy bypass vulnerability exists in SolarWinds Log and Event Manager. A successful attack could lead to a policy bypass condition on the server.

Extended Description

userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.

Affected Products

Solarwinds firewall_security_manager 6.6.5

References

CVE: CVE-2015-2284

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: SolarWinds Firewall Security Manager userlogin.jsp Policy Bypass

Extended Description

Affected Products

References