CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-35214

The vulnerability in SolarWinds Pingdom can be described as a failure to invalidate user session upon password or email address change. When running multiple active sessions in separate browser windows, it was observed a password or email address change could be changed without terminating the user session. This issue has been resolved on September 13, 2021.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 1.9

References

https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35214
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35214

Products affected by CVE-2021-35214

Solarwinds » Pingdom » Version: Any

cpe:2.3:a:solarwinds:pingdom:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35214

Products

Pricing

Contact Us