Skip to main content

Orion Platform CVE-2021-28674

MEDIUM
Use of Insufficiently Random Values (CWE-330)
2021-07-30 cve@mitre.org
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Jul 30, 2021 - 14:15 nvd
MEDIUM 5.4

DescriptionNVD

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.

AnalysisAI

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-330. The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform. Affected products include: Solarwinds Orion Platform. Version information: before 2020.2.5.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-38108 HIGH POC
7.2 Oct 20

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. Rated high severity (CVSS 7.2), this vulne

CVE-2021-25274 CRITICAL POC
9.8 Feb 03

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set p

CVE-2021-25275 HIGH POC
7.8 Feb 03

SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backen

CVE-2021-27258 CRITICAL
9.8 Apr 14

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion

CVE-2019-9546 CRITICAL
9.8 Mar 01

SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. Rated critica

CVE-2021-35222 CRITICAL
9.6 Aug 31

This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Executio

CVE-2020-13169 CRITICAL
9.0 Sep 17

Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and p

CVE-2022-36964 HIGH
8.8 Nov 29

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. Rated high severity (CVSS 8.8), this vulne

CVE-2022-36960 HIGH
8.8 Nov 29

SolarWinds Platform was susceptible to Improper Input Validation. Rated high severity (CVSS 8.8), this vulnerability is

CVE-2022-36958 HIGH
8.8 Oct 20

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. Rated high severity (CVSS 8.8), this vulne

CVE-2022-36961 HIGH
8.8 Sep 30

A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this

CVE-2021-35234 HIGH
8.8 Dec 20

Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged esca

Share

CVE-2021-28674 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy