A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
References
Link | Resource |
---|---|
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm | Release Notes Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SolarWinds
Published: 2022-09-28T00:00:00
Updated: 2023-08-03T16:46:36.401Z
Reserved: 2022-07-27T00:00:00
Link: CVE-2022-36961
JSON object: View
NVD Information
Status : Modified
Published: 2022-09-30T17:15:13.010
Modified: 2023-08-03T17:15:10.840
Link: CVE-2022-36961
JSON object: View
Redhat Information
No data.
CWE