An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
References
Link | Resource |
---|---|
https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm | Vendor Advisory |
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm | Release Notes Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1244/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SolarWinds
Published: 2021-09-01T00:00:00
Updated: 2021-10-28T11:06:11
Reserved: 2021-06-22T00:00:00
Link: CVE-2021-35213
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-31T16:15:07.687
Modified: 2022-10-27T12:48:23.893
Link: CVE-2021-35213
JSON object: View
Redhat Information
No data.
CWE