Unrated severityNVD Advisory· Published Dec 20, 2021· Updated Sep 16, 2024
Exposed Dangerous Functions - Privileged Escalation
CVE-2021-35234
Description
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SolarWinds/Orion Corev5Range: 2020.2.6 HF 2 and previous versions
Patches
Vulnerability mechanics
References
12- documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htmmitrex_refsource_MISC
- support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3mitrex_refsource_MISC
- www.solarwinds.com/trust-center/security-advisories/cve-2021-35234mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1596/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1597/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1598/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1599/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1600/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1601/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1602/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1603/mitrex_refsource_MISC
- www.zerodayinitiative.com/advisories/ZDI-21-1604/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.