CVE-2021-27277

🗓️ 22 Apr 2021 17:50:13Reported by zdiType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 43 Views

Vulnerability in SolarWinds Orion Virtual Infrastructure Monitor 2020.2 allows local attackers to escalate privileges and execute arbitrary cod

Reporter	Title	Published	Views	Family All 8
CNNVD	Solarwinds Orion Virtual Infrastructure Monitor 代码问题漏洞	30 Mar 202100:00	–	cnnvd
Cvelist	CVE-2021-27277	22 Apr 202117:50	–	cvelist
EUVD	EUVD-2021-14042	7 Oct 202500:30	–	euvd
NVD	CVE-2021-27277	22 Apr 202118:15	–	nvd
OSV	CVE-2021-27277	22 Apr 202118:15	–	osv
Prion	Deserialization of untrusted data	22 Apr 202118:15	–	prion
RedhatCVE	CVE-2021-27277	9 Jan 202608:53	–	redhatcve
Zero Day Initiative	SolarWinds Orion Virtual Infrastructure Monitor OneTimeJobSchedulerEventsService Deserialization of Untrusted Data Privilege Escalation Vulnerability	30 Mar 202100:00	–	zdi

NVD

Vulners

Node

solarwinds orion_platformMatch2020.2

[
  {
    "product": "Orion Virtual Infrastructure Monitor",
    "vendor": "SolarWinds",
    "versions": [
      {
        "status": "affected",
        "version": "2020.2"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-373/
documentation	www.documentation.solarwinds.com/en/Success_Center/SAM/Content/Release_Notes/SAM_2020-2-5_release_notes.htm

21 Nov 2024 05:57Current

7.9High risk

Vulners AI Score7.9

CVSS 27.2

CVSS 3.17.8

CVSS 37.8

EPSS0.02208

CWE-502