CVE-2018-19999

The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit this vulnerability, an attacker must have local access the the host running Serv-U, and a Serv-U administrator have an active management console session.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
solarwindsserv-u_ftp_server
15.1.6.25
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://seclists.org/fulldisclosure/2019/May/46
https://www.themissinglink.com.au/security-advisories-cve-2018-19999
https://seclists.org/fulldisclosure/2019/May/46
https://www.themissinglink.com.au/security-advisories-cve-2018-19999