Trust Center Index Page SolarWinds Trust Center Security Advisories | CVE-2021-35213
Orion User setting Improper Access Control Privilege Escalation Vulnerability (CVE-2021-35213)

Summary

An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.

Affected Products 

  • Orion Platform 2020.2.5 and earlier

Fixed Software Release

Acknowledgments

  • Chudy working with Trend Micro Zero Day Initiative

Advisory Details

Severity

8.9 High

Advisory ID

CVE-2021-35213

First Published

07/15/2021

Fixed Version

Orion Platform 2020.2.6

{{STATIC CONTENT}}
{{CAPTION_TITLE}}

{{CAPTION_CONTENT}}

{{TITLE}}