3 matches found
CVE-2021-28674
creationtimestamp| type| source ---|---|--- 2021-07-30 18:15:26+00:00| seen| https://t.me/cibsecurity/26598...
CVE-2021-28674
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...
CVE-2021-28674
The CVE-2021-28674 entry concerns SolarWinds Orion Platform prior to 2020.2.5 HF1. The node management page (Services/NodeManagement.asmx/DeleteObjNow) allows an authenticated user with node-management rights to create or delete nodes outside the attacker’s perimeter due to predictable, increment...