CVE-2021-35225 – Netpath Horizontal Privilege Escalation Vulnerability: NPM 2020.2.5
https://notcve.org/view.php?id=CVE-2021-35225
Each authenticated Orion Platform user in an MSP (Managed Service Provider) environment can view and browse all NetPath Services from all of that MSP's customers. This can give any user limited insight into other customers' infrastructure and lead to potential data cross-contamination.
References:
https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
https://support.solarwinds.com/SuccessCenter/s/article/NPM-2020-2-6-Hotfix-2?language=en_US
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35225
CVE-2020-27869 – SolarWinds Network Performance Monitor WriteToFile SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27869
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges and reset the password for the Admin user.
Reference:
https://www.zerodayinitiative.com/advisories/ZDI-21-064
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')