Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SolarWinds
Published: 2021-12-20T00:00:00
Updated: 2023-08-03T20:30:52.441Z
Reserved: 2021-06-22T00:00:00
Link: CVE-2021-35234
JSON object: View
NVD Information
Status : Modified
Published: 2021-12-20T21:15:08.057
Modified: 2023-08-03T21:15:11.387
Link: CVE-2021-35234
JSON object: View
Redhat Information
No data.
CWE