SolarWinds Serv-U vulnerability exploited to deliver Log4j attack

Threat Level – Red | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here.

SolarWinds is affected by a vulnerability (CVE-2021-35247)  due to improper input validation when processing LDAP queries in the Serv-U web login screen. Serv-U versions up to 15.2.5 are affected by this flaw and were fixed in version 15.3.

A threat actor used this vulnerability to send a manipulated LDAP query with unsanitized data to target Serv-U using the Log4j vulnerability. The attempt failed because Serv-U does not use Log4j code and the authentication target – LDAP (Microsoft Active Directory) – is not vulnerable to Log4j attacks.

HivePro threat researchers advise customers to patch the vulnerability using the link given below.

Vulnerability Details

Patch Link


What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox