Learn about CVE-2021-35248 affecting SolarWinds' Orion platform, allowing low-privileged users to access Orion.UserSettings. Find out the impact, affected systems, and mitigation steps.
The SolarWinds Orion Platform was susceptible to CVE-2021-35248, which allowed low-privileged users to access the Orion.UserSettings entity. Here's all you need to know about this vulnerability.
Understanding CVE-2021-35248
This CVE concerns unrestricted access to the Orion.UserSettings SWIS (SolarWinds Information Service) entity by low-privilege users.
What is CVE-2021-35248?
The vulnerability allowed any Orion user, including guest accounts, to query the Orion.UserSettings entity and access users' basic settings.
The Impact of CVE-2021-35248
With a CVSS base score of 6.8, this medium-severity vulnerability had a high impact on confidentiality, potentially exposing sensitive user data.
Technical Details of CVE-2021-35248
The following technical details outline the vulnerability and its implications:
Vulnerability Description
CVE-2021-35248 involved improper access control, enabling unauthorized users to retrieve user information through the Orion.UserSettings entity.
Affected Systems and Versions
Orion versions up to 2020.2.6 HF 2 were affected by this vulnerability on the Windows platform.
Exploitation Mechanism
Any low-privileged Orion account could query the Orion.UserSettings entity through SWIS and read other users' settings data.
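As an added example (not from SolarWinds or from this advisory), the Python below does two defender-side checks for the affected-version and exploitation sections above: it parses an Orion version string and reports whether the build predates the 2020.2.6 HF3 fix, and it scans SWIS query records for non-administrator accounts reading Orion.UserSettings. The log line format, account names and role names are constructed for the example; it assumes every build earlier than 2020.2.6 HF3 is affected, whereas the advisory only states "up to 2020.2.6 HF 2".

```python
import re

# 2020.2.6 HF3 is the build in which SolarWinds shipped the fix (from the advisory).
FIXED = (2020, 2, 6, 3)


def parse_orion_version(text: str) -> tuple:
    """Parse '2020.2.6 HF 2', '2020.2.6HF3' or '2020.2.5' into (major, minor, patch, hotfix)."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(?:HF\s*(\d+))?\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised Orion version: {text!r}")
    major, minor, patch, hf = m.groups()
    return (int(major), int(minor), int(patch or 0), int(hf or 0))


def is_affected(version: str) -> bool:
    """True when the build is older than 2020.2.6 HF3.
    Assumption: all earlier builds are affected, not just 2020.2.6 HF2 and its immediate predecessors."""
    return parse_orion_version(version) < FIXED


# Roles that are expected to read other users' settings (constructed; adjust to your deployment).
ADMIN_ROLES = {"Administrator"}
ENTITY_RE = re.compile(r"\bFROM\s+Orion\.UserSettings\b", re.IGNORECASE)
# Constructed record format: 'user=<account> role=<role> query=<SWQL text>'
RECORD_RE = re.compile(r"user=(\S+)\s+role=(\S+)\s+query=(.*)")


def flag_usersettings_queries(records, admin_roles=ADMIN_ROLES):
    """Return (user, query) for every Orion.UserSettings query issued by a non-admin account."""
    hits = []
    for line in records:
        m = RECORD_RE.match(line)
        if not m:
            continue  # not a query record; ignore
        user, role, query = m.groups()
        if role not in admin_roles and ENTITY_RE.search(query):
            hits.append((user, query.strip()))
    return hits


# Constructed sample records: one guest and one ordinary user touch Orion.UserSettings.
SAMPLE_RECORDS = [
    "user=guest role=Guest query=SELECT Uri, SettingName FROM Orion.UserSettings",
    "user=noc1 role=User query=SELECT NodeID, Caption FROM Orion.Nodes",
    "user=admin role=Administrator query=SELECT AccountID FROM Orion.UserSettings",
    "user=noc2 role=User query=select SettingValue from orion.usersettings",
]

if __name__ == "__main__":
    print("2020.2.6 HF 2 affected:", is_affected("2020.2.6 HF 2"))
    print("2020.2.6 HF3 affected:", is_affected("2020.2.6 HF3"))
    for user, query in flag_usersettings_queries(SAMPLE_RECORDS):
        print(f"non-admin {user} queried Orion.UserSettings: {query}")
```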
Mitigation and Prevention
Protect your system from CVE-2021-35248 with these mitigation steps:
Immediate Steps to Take
If upgrading immediately is not possible, refer to the SolarWinds Knowledgebase for workarounds to mitigate the issue.
Long-Term Security Practices
Ensure regular system updates and follow security best practices to prevent similar vulnerabilities in the future.
Patching and Updates
SolarWinds has addressed this vulnerability in Orion version 2020.2.6 HF3. Users are strongly advised to upgrade to the latest version available to mitigate the risk.