ZDI-21-192: SolarWinds Orion Platform NCM SCM IPAM SaveUserSetting Improper Access Control Privilege Escalation Vulnerability
This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Orion |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-21-192?
The severity of ZDI-21-192 is critical due to the potential for remote code execution and privilege escalation.
How do I fix ZDI-21-192?
To fix ZDI-21-192, update your SolarWinds Orion Platform to the latest version that includes the necessary security patches.
Who is affected by ZDI-21-192?
Organizations using affected installations of the SolarWinds Orion Platform are at risk from ZDI-21-192.
Can ZDI-21-192 be exploited without authentication?
Yes, ZDI-21-192 can be exploited remotely without authentication.
What impact does ZDI-21-192 have on affected systems?
ZDI-21-192 allows remote attackers to execute arbitrary code and escalate privileges on the affected systems.
- agent/type
- agent/severity
- agent/title
- agent/references
- agent/description
- agent/source
- agent/event
- agent/softwarecombine
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-21-192
- alias/ZDI-CAN-11903
- alias/CVE-2021-27258
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/solarwinds
- canonical/solarwinds orion platform