Trust Center Index Page SolarWinds Trust Center Security Advisories | CVE-2021-28674
Broken Access Control On Node Management Vulnerability (CVE-2021-28674)

Summary

Access control based vulnerability which allows an authenticated Orion user with node management rights from Group A delete nodes from Group B.

Affected Products 

  • Orion Platform 2019.4 and earlier

Fixed Software Release

Acknowledgments

  • Cyber Factory, ENEDIS Enedis

    Advisory Details

    Severity

    4.6 Medium

    Advisory ID

    CVE-2021-28674

    First Published

    05/13/2021

    Version

    Orion Platform 2020.2.6, 2020.2.5 HF1

    {{STATIC CONTENT}}
    {{CAPTION_TITLE}}

    {{CAPTION_CONTENT}}

    {{TITLE}}