Vulnerability Details CVE-2021-3109
The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 4.9
References
- https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm
- https://support.solarwinds.com/SuccessCenter/s/
- https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm
- https://support.solarwinds.com/SuccessCenter/s/
Products affected by CVE-2021-3109
-
cpe:2.3:a:solarwinds:orion_platform:2016.1
-
cpe:2.3:a:solarwinds:orion_platform:2016.2
-
cpe:2.3:a:solarwinds:orion_platform:2017.1
-
cpe:2.3:a:solarwinds:orion_platform:2017.3
-
cpe:2.3:a:solarwinds:orion_platform:2018.2
-
cpe:2.3:a:solarwinds:orion_platform:2018.4
-
cpe:2.3:a:solarwinds:orion_platform:2019.2
-
cpe:2.3:a:solarwinds:orion_platform:2019.4
-
cpe:2.3:a:solarwinds:orion_platform:2019.4.2
-
cpe:2.3:a:solarwinds:orion_platform:2020.2
-
cpe:2.3:a:solarwinds:orion_platform:2020.2.1
-
cpe:2.3:a:solarwinds:orion_platform:2020.2.4