CVE-2021-35245

Опубликовано: 06 дек. 2021

Источник: nvd

CVSS3: 8.4

CVSS3: 6.8

CVSS2: 6.8

EPSS Низкий

Описание

When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.

Ссылки

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm
Release Notes
Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245
Vendor Advisory
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm
Release Notes
Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*

Версия до 15.2.4 (исключая)

cpe:2.3:a:solarwinds:serv-u:15.2.4:hotfix1:*:*:*:*:*:*

cpe:2.3:a:solarwinds:serv-u:15.2.5:-:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00245

Низкий

8.4 High

CVSS3

6.8 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284

NVD-CWE-Other

Связанные уязвимости

GHSA-6wqv-7jxp-qpmj

CVSS3: 6.8

github

около 4 лет назад

When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.

EPSS

Процентиль: 48%

0.00245

Низкий

8.4 High

CVSS3

6.8 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284

NVD-CWE-Other