Summary
SolarWinds Storage Manager is prone to a remote code execution vulnerability
Impact
This may allow a remote attacker to subvert
the authentication filter and upload arbitrary scripts, and use them to execute arbitrary code.
Solution
Update to 5.7.2 or higher.
Insight
SolarWinds Storage Manager contains a flaw
in the AuthenticationFilter class.
Affected
Storage Manager Server before 5.7.2 is vulnerable
Detection
Try to upload a file.
References
Updated on 2015-03-25
