Privilege escalation in SolarWinds Network Performance Monitor
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-35225 |
| CWE-ID | CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Orion Network Performance Monitor Web applications / Other software |
| Vendor | SolarWinds |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU57863
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35225
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to each authenticated Orion user in the MSP (Managed Service Provider) environment can view and browse all NetPath Services from all MSP's customers. A remote authenticated attacker can have a limited insight into other customers' infrastructure and cause potential data cross-contamination.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOrion Network Performance Monitor: 2020.2.6 HF1
External linkshttp://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
http://www.solarwinds.com/trust-center/security-advisories/cve-2021-35225
http://support.solarwinds.com/SuccessCenter/s/article/NPM-2020-2-6-Hotfix-2?language=en_US
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
