Vulnerability in monitoring software

1.0HanseSecure GmbHhttps://hansesecure.de/en/Vulnerability in monitoring software – HanseSecure GmbHrich600338<blockquote class="wp-embedded-content" data-secret="fu9k0QhsJG"><a href="https://hansesecure.de/en/2020/06/vulnerability-in-monitoring-software/">Vulnerability in monitoring software</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://hansesecure.de/en/2020/06/vulnerability-in-monitoring-software/embed/#?secret=fu9k0QhsJG" width="600" height="338" title="“Vulnerability in monitoring software” — HanseSecure GmbH" data-secret="fu9k0QhsJG" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script> /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://hansesecure.de/wp-includes/js/wp-embed.min.js </script> https://hansesecure.de/wp-content/uploads/2020/06/blog-solarwinds.jpg400300CVE CVE-2020-13912 Vulnerable software SolarWinds “Advanced Monitoring Agent” before 10.8.9 Vulnerability Insufficient authorization/ rights extension Timeline Description The Advanced Monitoring Agent software up to version 10.8.9 was executed when each user (remote or local) logged in. The corresponding file can be modified by all users on the system. A malicious user could exchange the file […]