CVE-2021-35245 - OpenCVE

When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:C/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Solarwinds	Serv-u
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:solarwinds:serv-u::::::::
	cpe:2.3:a:solarwinds:serv-u:15.2.4:hotfix1::::::
	cpe:2.3:a:solarwinds:serv-u:15.2.5:-::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm	Release Notes Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: SolarWinds

Published: 2021-12-02T00:00:00

Updated: 2021-12-06T16:52:02

Reserved: 2021-06-22T00:00:00

Link: CVE-2021-35245

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-12-06T17:15:07.687

Modified: 2022-10-27T17:00:22.340

Link: CVE-2021-35245

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "Serv-U FTP", "vendor": "SolarWinds", "versions": [{"lessThan": "15.2.5", "status": "affected", "version": "15.2.4 Hotfix 1 and previous versions ", "versionType": "custom"}]}], "datePublic": "2021-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-12-06T16:52:02", "orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245"}, {"tags": ["x_refsource_MISC"], "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm"}], "solutions": [{"lang": "en", "value": "All customers should upgrade to the latest version of Serv-U 15.2.5 as soon as the update is available. "}], "source": {"defect": ["CVE-2021-35245"], "discovery": "UNKNOWN"}, "title": "Broken Access Control Vulnerability for SolarWinds Serv-U ", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@solarwinds.com", "DATE_PUBLIC": "2021-12-02T16:16:00.000Z", "ID": "CVE-2021-35245", "STATE": "PUBLIC", "TITLE": "Broken Access Control Vulnerability for SolarWinds Serv-U "}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Serv-U FTP", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "15.2.4 Hotfix 1 and previous versions ", "version_value": "15.2.5"}]}}]}, "vendor_name": "SolarWinds"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284: Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245", "refsource": "MISC", "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245"}, {"name": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm", "refsource": "MISC", "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm"}]}, "solution": [{"lang": "en", "value": "All customers should upgrade to the latest version of Serv-U 15.2.5 as soon as the update is available. "}], "source": {"defect": ["CVE-2021-35245"], "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "assignerShortName": "SolarWinds", "cveId": "CVE-2021-35245", "datePublished": "2021-12-02T00:00:00", "dateReserved": "2021-06-22T00:00:00", "dateUpdated": "2021-12-06T16:52:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "1882D2EA-8C83-4C41-B63D-57735E0F4DAE", "versionEndExcluding": "15.2.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.2.4:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "8DFF9665-662A-42E4-A1E5-462F0980B3EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.2.5:-:*:*:*:*:*:*", "matchCriteriaId": "F06D88D5-8D82-431A-8B21-74FC62C76EC0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine."}, {"lang": "es", "value": "Cuando un usuario presenta derechos de administrador en la Consola de Serv-U, el usuario puede mover, crear y eliminar cualquier archivo al que se pueda acceder en la m\u00e1quina anfitriona de Serv-U"}], "id": "CVE-2021-35245", "lastModified": "2022-10-27T17:00:22.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 6.0, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2021-12-06T17:15:07.687", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@solarwinds.com", "type": "Secondary"}]}