3 matches found
SolarWinds Serv-U 15.0 < 15.3.1
The version of SolarWinds Serv-U installed on the remote host is prior to 15.3.1. It is, therefore, affected by a vulnerability as referenced in the serv-u1531 advisory. - This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of...
CVE-2021-35249
CVE-2021-35249 concerns SolarWinds Serv-U FTP Server. Connected sources confirm a broken access control vulnerability in Serv-U versions prior to 15.3.1 where a domain admin can read configuration and user data across other domains they should not access. The issue is read-only from the attacker’...
CVE-2021-35249 Domain Admin Broken Access Control
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data read only operation. This UAC issue leads to a data leak to...