CVE-2019-8917 is a vulnerability in SolarWinds Orion Network Performance Monitor
Published on February 18, 2019

SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may be abused by an attacker to execute commands as the SYSTEM user.

NVD

Products Associated with CVE-2019-8917

Want to know whenever a new CVE is published for SolarWinds Orion Network Performance Monitor? stack.watch will email you.

SolarWinds Orion Network Performance Monitor

Exploit Probability

EPSS

35.98%

Percentile

97.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-8917 is a vulnerability in SolarWinds Orion Network Performance MonitorPublished on February 18, 2019

Products Associated with CVE-2019-8917

Exploit Probability

CVE-2019-8917 is a vulnerability in SolarWinds Orion Network Performance Monitor
Published on February 18, 2019