CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35213

An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.2%

CVSS Severity

CVSS v3 Score 8.9

CVSS v2 Score 9.0

References

Products affected by CVE-2021-35213

Solarwinds » Orion Platform » Version: 2016.1

cpe:2.3:a:solarwinds:orion_platform:2016.1
Solarwinds » Orion Platform » Version: 2016.2

cpe:2.3:a:solarwinds:orion_platform:2016.2
Solarwinds » Orion Platform » Version: 2017.1

cpe:2.3:a:solarwinds:orion_platform:2017.1
Solarwinds » Orion Platform » Version: 2017.3

cpe:2.3:a:solarwinds:orion_platform:2017.3
Solarwinds » Orion Platform » Version: 2018.2

cpe:2.3:a:solarwinds:orion_platform:2018.2
Solarwinds » Orion Platform » Version: 2018.4

cpe:2.3:a:solarwinds:orion_platform:2018.4
Solarwinds » Orion Platform » Version: 2019.2

cpe:2.3:a:solarwinds:orion_platform:2019.2
Solarwinds » Orion Platform » Version: 2019.4

cpe:2.3:a:solarwinds:orion_platform:2019.4
Solarwinds » Orion Platform » Version: 2019.4.2

cpe:2.3:a:solarwinds:orion_platform:2019.4.2
Solarwinds » Orion Platform » Version: 2020.2

cpe:2.3:a:solarwinds:orion_platform:2020.2
Solarwinds » Orion Platform » Version: 2020.2.1

cpe:2.3:a:solarwinds:orion_platform:2020.2.1
Solarwinds » Orion Platform » Version: 2020.2.4

cpe:2.3:a:solarwinds:orion_platform:2020.2.4
Solarwinds » Orion Platform » Version: 2020.2.5

cpe:2.3:a:solarwinds:orion_platform:2020.2.5
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35213

Products

Pricing

Contact Us