Unrated severityNVD Advisory· Published Oct 21, 2021· Updated Sep 17, 2024
Netpath Horizontal Privilege Escalation Vulnerability: NPM 2020.2.5
CVE-2021-35225
Description
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SolarWinds/NPMv5Range: 2020.2.6 Hotfix 1 and previous versions
Patches
Vulnerability mechanics
References
3- documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htmmitrex_refsource_MISC
- support.solarwinds.com/SuccessCenter/s/article/NPM-2020-2-6-Hotfix-2mitrex_refsource_MISC
- www.solarwinds.com/trust-center/security-advisories/cve-2021-35225mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.