CVE-2021-3154

2021-05-0413:02:56

mitre

www.cve.org

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON

An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.

References

documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-2_release_notes.htm