Vulnerability Details CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.513
EPSS Ranking 97.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/153333/Serv-U-FTP-Server-15.1.6-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153505/Serv-U-FTP-Server-prepareinstallation-Privilege-Escalation.html
- https://blog.vastart.dev/2019/06/cve-2019-12181-serv-u-exploit-writeup.html
- https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-1-7_release_notes.htm
- https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-Potential-elevation-of-privileges-on-Linux-systems
- http://packetstormsecurity.com/files/153333/Serv-U-FTP-Server-15.1.6-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153505/Serv-U-FTP-Server-prepareinstallation-Privilege-Escalation.html
- https://blog.vastart.dev/2019/06/cve-2019-12181-serv-u-exploit-writeup.html
- https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-1-7_release_notes.htm
- https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-Potential-elevation-of-privileges-on-Linux-systems
Products affected by CVE-2019-12181
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.1
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.2
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.3
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.4
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.5
-
cpe:2.3:a:solarwinds:serv-u_ftp_server:15.1.6
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.1
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.2
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.3
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.4
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.5
-
cpe:2.3:a:solarwinds:serv-u_mft_server:15.1.6