Solarwinds: >> Managed Service Provider Patch Management Engine Security Vulnerabilities
An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter.
CVSS Score
7.8
EPSS Score
0.008
Published
2020-05-07