Patching SolarWinds Serv-U Vulnerability (CVE-2021-35247)

Brenda Gratas July 22, 2022
- 2 min read

On January 2021, a critical vulnerability known as CVE-2021-35247 was reported, impacting the Serv-U File Server's web login screen. 

In this article, we’ll delve into the specifics of CVE-2021-35247, its risks, and how InvGate Insight can help you identify and manage devices exposed to it.

Read on to gain a deeper understanding of this vulnerability and stay one step ahead of potential exploits.

About CVE-2021-35247

CVE-2021-35247 is an input validation vulnerability in the Serv-U File Server’s web login screen. The vulnerability is caused by a failure to properly sanitize user input before it is used to construct LDAP queries. It affects Serv-U versions 15.2.5 and earlier. 

How does CVE-2021-35247 work?

An attacker can create a specially crafted URL that, when visited, will cause the Serv-U web login screen to execute arbitrary code. The attacker can then use this code to gain access to the affected system.

What are CVE-2021-35247 risks?

An attacker who successfully exploits this vulnerability can gain complete control of the affected system, allowing them to steal data, install malware, or disrupt operations.

Is CVE-2021-35247 fixed?

Yes, SolarWinds released a patch for the vulnerability in Serv-U 15.3. Users are advised to update to the latest version as soon as possible to protect their systems.

Moreover, it is recommended that you:

  • Use a web application firewall (WAF) to block malicious traffic.
  • Implement strong security controls, such as user authentication and access control.
  • Monitor your systems for signs of compromise.

How to find devices exposed to CVE-2021-35247

With InvGate Insight, you can promptly detect devices that have been impacted by the CVE-2021-35247 vulnerability. The following instructions outline the process to be followed:

  1. Open InvGate Insight and go to the Explorer tab.
  2. Type in the Search bar “Software name, is:Serv-U” to filter all devices with this software.
  3. Add another filter to the Search bar to see all devices missing the security patch. To do that, add the following filter: “Reported version, is not:” and paste Solarwinds’ patched version (15.3).

Use InvGate Insight to find devices exposed to CVE-2021-35247

The bottom line

The CVE-2021-35247 vulnerability is an input validation flaw in Serv-U File Server's web login screen, impacting versions 15.2.5 and earlier. 

Fortunately, SolarWinds released a patch in version 15.3 to address the vulnerability, and users are strongly advised to update promptly.

To identify devices exposed to CVE-2021-35247, InvGate Insight offers a powerful solution. This capability, combined with additional security measures like implementing strong controls and monitoring systems for compromise, helps safeguard against potential exploits.

Request a 30-day free trial to streamline your Patch Management process and ensure the security of your network.

Read other articles like this : vulnerabilities

Read other articles like this:

Evaluate InvGate as Your ITSM Solution

30-day free trial - No credit card needed

InvGate logo light
Endeavor white logo
Service Desk
IT Service Management AI ITSM Enterprise Service Management Ticket Management Self-Service Workflows
ITAM
IT Asset Management Asset Inventory CMDB Network Discovery Metering
Learn
ITSM ITIL ESM SLAs Help Desks Ticket Volume
InvGate
AI Hub About Us Why InvGate? Partners Careers Contact Us Leave a Review
Compare With
Jira ServiceNow SolarWinds Freshservice Manage Engine Other Alternatives
Privacy Policy Quality Policy Cookie Policy Terms and Conditions Solutions Terms and Conditions © InvGate