Описание
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-35213
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35213
- https://www.zerodayinitiative.com/advisories/ZDI-21-1244
Связанные уязвимости
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
Уязвимость компонента SaveUserSetting программного обеспечения сетевого мониторинга SolarWinds Orion Platform, позволяющая нарушителю повысить свои привилегии до уровня администратора