Learn about CVE-2021-35214, a session management vulnerability in SolarWinds Pingdom prior to 13.09.2021, allowing unauthorized access post user credential changes.
This article provides detailed information about CVE-2021-35214, a session management vulnerability in SolarWinds Pingdom that was discovered and disclosed responsibly by Taseer Hussain.
Understanding CVE-2021-35214
CVE-2021-35214 is a vulnerability in SolarWinds Pingdom that allowed active user sessions to remain valid even after a password or email address change, potentially exposing sensitive information.
What is CVE-2021-35214?
The vulnerability in SolarWinds Pingdom can be described as a failure to invalidate user sessions upon password or email address change, enabling changes without terminating the user session.
The Impact of CVE-2021-35214
CVE-2021-35214 is rated MEDIUM severity with a CVSS base score of 4.8. Its confidentiality impact is rated high, because a session that should have been terminated could still be used to access the account.
Technical Details of CVE-2021-35214
The vulnerability affected versions of Pingdom prior to 13.09.2021: with multiple active sessions open in separate browser windows, a user's details could be changed in one session without terminating the others.
Vulnerability Description
The vulnerability stemmed from a lapse in session management: changing a user's credentials neither required reauthentication nor invalidated the user's other active sessions.
Affected Systems and Versions
SolarWinds Pingdom versions prior to 13.09.2021 were impacted by this vulnerability, exposing user sessions to potential unauthorized access.
Exploitation Mechanism
Exploiting this vulnerability required a user to have active sessions in separate browser instances; changing the password or email address in one session did not verify or terminate the others.
Mitigation and Prevention
Following the identification of CVE-2021-35214, SolarWinds took immediate steps to address this issue and issued a patch to secure affected systems.
Immediate Steps to Take
Users are advised to update their Pingdom installations to versions released after September 13, 2021, to mitigate the risk of unauthorized access.
Long-Term Security Practices
Implementing robust session management, in particular reauthenticating before a credential change and invalidating every other active session afterwards, together with regular software updates, can help prevent similar vulnerabilities in the future.
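The following is an added example, not code from Pingdom or SolarWinds, illustrating the session-management flaw described above alongside the hardened pattern the long-term advice calls for. It assumes a self-contained in-memory session store with hypothetical names (`SessionStore`, `cred_generation`, `change_credentials_unsafe`, `change_credentials_hardened`); every user record carries a credential-generation counter, every session records the generation it was issued under, and a credential change that bumps the counter retires all earlier sessions at once.

```python
import hashlib
import hmac
import os
import secrets


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 keeps the example dependency-free; a memory-hard KDF is preferable in production.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class SessionStore:
    """Hypothetical server-side session store keyed by an opaque token.

    A session is valid only while its recorded 'cred_generation' matches the
    user's current counter, so bumping the counter invalidates every session
    issued under the old credentials, whichever browser holds it.
    """

    def __init__(self) -> None:
        self._users: dict = {}     # username -> credential record
        self._sessions: dict = {}  # token -> {"user": ..., "cred_generation": ...}

    def register(self, username: str, password: str, email: str) -> None:
        salt = os.urandom(16)
        self._users[username] = {
            "salt": salt,
            "pw_hash": _hash_password(password, salt),
            "email": email,
            "cred_generation": 0,
        }

    def _password_ok(self, username: str, password: str) -> bool:
        user = self._users.get(username)
        if user is None:
            return False
        return hmac.compare_digest(_hash_password(password, user["salt"]), user["pw_hash"])

    def _issue(self, username: str) -> str:
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {
            "user": username,
            "cred_generation": self._users[username]["cred_generation"],
        }
        return token

    def login(self, username: str, password: str):
        return self._issue(username) if self._password_ok(username, password) else None

    def is_valid(self, token: str) -> bool:
        sess = self._sessions.get(token)
        if sess is None:
            return False
        return sess["cred_generation"] == self._users[sess["user"]]["cred_generation"]

    def _set_credentials(self, username: str, new_password=None, new_email=None) -> None:
        user = self._users[username]
        if new_password is not None:
            user["salt"] = os.urandom(16)
            user["pw_hash"] = _hash_password(new_password, user["salt"])
        if new_email is not None:
            user["email"] = new_email

    def change_credentials_unsafe(self, token: str, new_password=None, new_email=None) -> str:
        """The flawed pattern: credentials change, but every session issued earlier
        (including those open in other browsers) remains usable."""
        if not self.is_valid(token):
            raise PermissionError("not authenticated")
        self._set_credentials(self._sessions[token]["user"], new_password, new_email)
        return token

    def change_credentials_hardened(self, token: str, current_password: str,
                                    new_password=None, new_email=None) -> str:
        """Reauthenticate, retire all sessions issued under the old credentials,
        and hand the caller a freshly issued token."""
        if not self.is_valid(token):
            raise PermissionError("not authenticated")
        username = self._sessions[token]["user"]
        if not self._password_ok(username, current_password):
            raise PermissionError("reauthentication failed")
        self._set_credentials(username, new_password, new_email)
        self._users[username]["cred_generation"] += 1
        # Sessions under the old generation can never validate again; drop them.
        for stale in [t for t, s in self._sessions.items() if s["user"] == username]:
            del self._sessions[stale]
        return self._issue(username)
```

The generation counter is what makes the hardened path cheap: the store never has to enumerate other browsers' sessions to decide whether they are still trusted, and the same counter serves password and email changes alike. Rotating the caller's own token on success additionally prevents a pre-change session identifier from outliving the credential change.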
Patching and Updates
Regularly applying security patches and staying informed about software updates from SolarWinds can ensure the ongoing security of Pingdom installations.