// For flags

CVE-2021-27258

SolarWinds Orion Platform NCM SCM IPAM SaveUserSetting Improper Access Control Privilege Escalation Vulnerability

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903.

Esta vulnerabilidad permite a atacantes remotos ejecutar privilegios escalados en las instalaciones afectadas de SolarWinds Orion Platform versión 2020.2. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico se presenta dentro del endpoint SaveUserSetting. El problema es debido a una restricción inapropiada de este endpoint para usuarios sin privilegios. Un atacante puede aprovechar esta vulnerabilidad para escalar los privilegios de sus privilegios de invitado a administrador. Era ZDI-CAN-11903

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator.

*Credits: Anonymous
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-02-16 CVE Reserved
  • 2021-04-14 CVE Published
  • 2024-07-31 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-284: Improper Access Control
CAPEC
References (1)
URL Tag Source
https://www.zerodayinitiative.com/advisories/ZDI-21-192 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Solarwinds
Search vendor "Solarwinds"
 Orion Platform
Search vendor "Solarwinds" for product "Orion Platform"
 2020.2
Search vendor "Solarwinds" for product "Orion Platform" and version "2020.2"
-
Affected