I'm trying to determine Is NPM 2020.2.6402.1 a fixed version of the recent Supply Chain attack?
@daztu70 can you share a screenshot of your current footer from your environment or a copy?
Something like this: SolarWindsOrion Platform, WPM, SRM, NPM, VMAN, SAM: 2020.2.1 1999-2020 SolarWinds Worldwide, LLC. All Rights Reserved.
If you are on a version as indicated by the Security Advisory I would recommend reviewing the FAQ and following the procedures accordingly.
From our Security Advisory page: https://www.solarwinds.com/securityadvisory
SolarWinds asks customers with any of the below products listed as known affected for Orion Platform v2020.2 with no hotfix or 2020.2 HF 1 to upgrade to Orion Platform version 2020.2.1 HF 2 as soon as possible to ensure the security of your environment. This version is currently available here.
SolarWinds asks customers with any of the below products listed as known affected for Orion Platform v2019.4 HF 5 to update to 2019.4 HF 6, which is available for download here.
The hotfix release 2020.2.1 HF 2 is now available in the SolarWinds Customer Portal at customerportal.solarwinds.com. We recommend that all customers update to release 2020.2.1 HF 2, as the 2020.2.1 HF 2 release both replaces the compromised component and provides several additional security enhancements.
What do those hot fix versions mean in relation to the one I see for NPM: NPM 2020.2.6402.1? I can't tell by looking at 2020.2 HF1, HF 2 if they are the same as 2020.2.6402.1.
Unfortunately we have taken our Solarwinds software down per Security direction so I have no way of looking at that. Is there a way to know by the version I posted? 2020.2.6402.1?
