First published: Tue Jul 27 2021
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Orion Platform | <=2020.2.5 | |
CVE-2021-28674 is a vulnerability in the node management page of SolarWinds Orion Platform before 2020.2.5 HF1.
CVE-2021-28674 allows an attacker with write permissions to create or delete a node outside of their perimeter by exploiting predictable node IDs.
CVE-2021-28674 has a severity value of 5.4, which is classified as medium.
If your SolarWinds Orion Platform version is before 2020.2.5 HF1, it is affected by CVE-2021-28674.
To fix CVE-2021-28674, you need to update your SolarWinds Orion Platform to version 2020.2.5 HF1 or higher.
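The flaw described above is a missing object-level authorization check: the handler confirms that the caller holds node management rights somewhere, but not that those rights cover the node named in the request. The following is an added example, not SolarWinds code and not code from this advisory; the classes, function names and group names are hypothetical and the data is constructed.

```python
# Toy model of the access-control pattern; all names here are hypothetical.
from dataclasses import dataclass, field

class Forbidden(Exception):
    """Raised when the caller may not manage the requested node."""

@dataclass
class User:
    manage_groups: frozenset  # groups where the account has node management rights

@dataclass
class NodeStore:
    nodes: dict = field(default_factory=dict)  # node_id -> owning group
    next_id: int = 1                           # incrementing, so IDs are guessable

    def add(self, group: str) -> int:
        node_id, self.next_id = self.next_id, self.next_id + 1
        self.nodes[node_id] = group
        return node_id

def delete_node_role_only(store: NodeStore, user: User, node_id: int) -> None:
    """Flawed pattern: checks that the caller has the right in some group,
    never that the right covers the node named in the request."""
    if not user.manage_groups:
        raise Forbidden("no node management rights")
    store.nodes.pop(node_id, None)

def delete_node_scoped(store: NodeStore, user: User, node_id: int) -> None:
    """Corrected pattern: authorize against the target object itself."""
    group = store.nodes.get(node_id)
    # Same error for "missing" and "not yours", so a response does not
    # confirm which IDs exist outside the caller's perimeter.
    if group is None or group not in user.manage_groups:
        raise Forbidden("node not found or not manageable by caller")
    del store.nodes[node_id]

def demo() -> tuple:
    """Return whether the out-of-perimeter node survives under each handler."""
    results = []
    for handler in (delete_node_role_only, delete_node_scoped):
        store = NodeStore()
        store.add("branch-a")             # id 1, inside the caller's perimeter
        other = store.add("datacenter")   # id 2, outside it
        caller = User(frozenset({"branch-a"}))
        try:
            handler(store, caller, other)
        except Forbidden:
            pass
        results.append(other in store.nodes)
    return tuple(results)
```

`demo()` returns `(False, True)`: the role-only handler removes the node in the other group, while the scoped handler rejects the request and the node remains.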