CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3154

An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-3154

Solarwinds » Serv-U » Version: 15.1

cpe:2.3:a:solarwinds:serv-u:15.1
Solarwinds » Serv-U » Version: 15.1.1

cpe:2.3:a:solarwinds:serv-u:15.1.1
Solarwinds » Serv-U » Version: 15.1.2

cpe:2.3:a:solarwinds:serv-u:15.1.2
Solarwinds » Serv-U » Version: 15.1.3

cpe:2.3:a:solarwinds:serv-u:15.1.3
Solarwinds » Serv-U » Version: 15.1.4

cpe:2.3:a:solarwinds:serv-u:15.1.4
Solarwinds » Serv-U » Version: 15.1.5

cpe:2.3:a:solarwinds:serv-u:15.1.5
Solarwinds » Serv-U » Version: 15.1.6

cpe:2.3:a:solarwinds:serv-u:15.1.6
Solarwinds » Serv-U » Version: 15.1.7

cpe:2.3:a:solarwinds:serv-u:15.1.7
Solarwinds » Serv-U » Version: 15.2.1

cpe:2.3:a:solarwinds:serv-u:15.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3154

Products

Pricing

Contact Us