VYPR
Unrated severityNVD Advisory· Published Dec 20, 2021· Updated Sep 16, 2024

Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users

CVE-2021-35248

Description

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.