exploitDog

CVE-2021-35219

Опубликовано: 31 авг. 2021

Источник: nvd

CVSS3: 6

CVSS3: 4.9

CVSS2: 4

EPSS Низкий

Описание

ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.

Ссылки

https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
Product
Release Notes
Vendor Advisory
https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US
Mitigation
Patch
Vendor Advisory
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US
Patch
Release Notes
Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219
Vendor Advisory
https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
Product
Release Notes
Vendor Advisory
https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-ExportToPdfCmd-Arbitrary-File-Read-Information-Disclosure-CVE-2021-35219?language=en_US
Mitigation
Patch
Vendor Advisory
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US
Patch
Release Notes
Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35219
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*

Версия до 2020.2.6 (исключая)

EPSS

Процентиль: 29%

0.00104

Низкий

6 Medium

CVSS3

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-w6qc-3wgf-m973

CVSS3: 4.9

github

больше 3 лет назад

ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.

EPSS

Процентиль: 29%

0.00104

Низкий

6 Medium

CVSS3

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo