Kiwi Syslog Server
CVE-2021-35231
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path: "Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Kiwi Syslog Server\Parameters\Application".
AnalysisAI
As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-428. As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path: "Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Kiwi Syslog Server\Parameters\Application". Affected products include: Solarwinds Kiwi Syslog Server.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Kiwi Syslog Server
View allThe Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. Rated medium severity (C
The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. Rated medium severity
The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. Rated medium severity (CVSS 5.3), t
A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to click jacking. Rated medi
Same weakness CWE-428 – Unquoted Search Path or Element
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today