2 matches found
SolarWinds Orion Platform 2020.2.0 < 2020.2.4
The version of SolarWinds Orion Platform installed on the remote host is prior to 2020.2.4. It is, therefore, affected by a vulnerability as referenced in the orionplatform202024 advisory. - This vulnerability allows remote attackers to execute escalate privileges on affected installations of...
CVE-2021-27258
SolarWinds Orion Platform 2020.2 is affected by CVE-2021-27258 through an improper access control in the SaveUserSetting endpoint, enabling unauthenticated privilege escalation from Guest to Administrator. This is a network-authless issue, with multiple sources (ZDI advisory ZDI-21-192, Red Hat a...