Trust Center Index Page SolarWinds Trust Center Security Advisories | CVE-2021-35242
A valid CSRF token is present in response to an invalid request (CVE-2021-35242)

Summary

Serv-U server responds with valid CSRF Token when the request contains only Session.

Affected Products

  • Serv-U 15.2.4 HF1 and previous versions

Fixed Software Release

  • Serv-U 15.2.5

Advisory Details

Severity

8.3 High

Advisory ID

CVE-2021-35242

First Published

12/3/2021

Last Updated

12/3/2021

Fixed Version

Serv-U 15.2.5

CVSS Score

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

{{STATIC CONTENT}}
{{CAPTION_TITLE}}

{{CAPTION_CONTENT}}

{{TITLE}}