CVE-2021-35234
Exposed Dangerous Functions - Privileged Escalation
Public Exploits: 0
Exploited in Wild: -
Decision: -
Descriptions
Numerous exposed dangerous functions within Orion Core allow read-only SQL injection leading to privilege escalation. An attacker with low user privileges may steal password hashes and password salt information.
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.
The specific flaw exists within the SendSyslog class. This class allows a crafted user-supplied string to be processed as an SQL statement. An attacker can leverage this vulnerability to escalate privileges to the level of an application administrator.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2021-06-22 CVE Reserved
- 2021-12-20 CVE Published
- 2024-09-16 CVE Updated
- 2024-11-11 EPSS Updated
- (no date) Exploited in Wild
- (no date) KEV Due Date
- (no date) First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
https://www.zerodayinitiative.com/advisories/ZDI-21-1596 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1597 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1598 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1599 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1600 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1601 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1602 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1603 | Third Party Advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1604 | Third Party Advisory | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Solarwinds | Orion Platform | <= 2020.2.5 | - | Affected |
Solarwinds | Orion Platform | 2020.2.6 | - | Affected |
Solarwinds | Orion Platform | 2020.2.6 | hotfix1 | Affected |
Solarwinds | Orion Platform | 2020.2.6 | hotfix2 | Affected |