SolarWinds SUNBURST breach

WSO2 impacted: No

Evidence of compromise: No

Customers actions required: No

Reported Vulnerability

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event123.

Impact on WSO2 Products and Deployments

WSO2 does not use Solarwinds components other than Solarwinds Pingdom which is not affected by the published security advisory2. Hence, WSO2 products and services have not been affected by the Solarwinds product related vulnerabilities or exploits.

Solarwinds Pingdom is a cloud based website monitoring platform which WSO2 uses in order to monitor the organization's public facing website metrics such as uptime.