CVE-2021-35248 - OpenCVE

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Solarwinds	Orion Platform

Configuration 1 [-]

AND

OR	cpe:2.3:a:solarwinds:orion_platform::::::::
	cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-::::::
	cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1::::::
	cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm
https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248

History

Mon, 16 Sep 2024 20:15:00 +0000

Type	Values Removed	Values Added
Description	It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.	It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.

MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published: 2021-12-20T20:08:24.068411Z

Updated: 2024-09-16T20:07:13.877Z

Reserved: 2021-06-22T00:00:00

Link: CVE-2021-35248

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-12-20T21:15:08.157

Modified: 2024-09-16T20:15:39.287

Link: CVE-2021-35248

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Orion", "vendor": "SolarWinds", "versions": [{"lessThan": "2020.2.6 HF 3", "status": "affected", "version": "2020.2.6 HF 2 and previous versions", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "N/A"}], "datePublic": "2021-12-19T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.</p>"}], "value": "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2023-08-03T20:32:27.141Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248"}, {"tags": ["x_refsource_MISC"], "url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3"}, {"tags": ["x_refsource_MISC"], "url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available.</p>"}], "value": "This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available."}], "source": {"discovery": "EXTERNAL"}, "title": "Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:</p><p>https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248</p>"}], "value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:\n\nhttps://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@solarwinds.com", "DATE_PUBLIC": "2021-12-20T11:16:00.000Z", "ID": "CVE-2021-35248", "STATE": "PUBLIC", "TITLE": "Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Orion", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "2020.2.6 HF 2 and previous versions", "version_value": "2020.2.6 HF 3"}]}}]}, "vendor_name": "SolarWinds"}]}}, "credit": [{"lang": "eng", "value": "N/A"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248", "refsource": "MISC", "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248"}, {"name": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3", "refsource": "MISC", "url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3"}, {"name": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm", "refsource": "MISC", "url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"}]}, "solution": [{"lang": "en", "value": "This vulnerability has been fixed in Orion version 2020.2.6 HF3, customers are advised to upgrade to the latest version once it it is available."}], "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "If you are unable to upgrade immediately. See SolarWinds Knowledgebase Article Below:https://support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Unrestricted-access-to-Orion-UserSettings-SWIS-entity-for-low-privilege-users-CVE-2021-35248"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:33:51.261Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"}]}]}, "cveMetadata": {"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "assignerShortName": "SolarWinds", "cveId": "CVE-2021-35248", "datePublished": "2021-12-20T20:08:24.068411Z", "dateReserved": "2021-06-22T00:00:00", "dateUpdated": "2024-09-16T20:07:13.877Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "01CD6BD2-A53E-4AB1-A08C-00540EC437E8", "versionEndExcluding": "2020.2.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:-:*:*:*:*:*:*", "matchCriteriaId": "AD239861-0422-45EE-9A3B-EED4F87F38F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "D577F745-35B0-44D8-A457-FD00C4FD4F76", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:orion_platform:2020.2.6:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "884E1621-E848-4769-BEF6-95A87F52A538", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings."}, {"lang": "es", "value": "Se ha informado de que cualquier usuario de Orion, por ejemplo, las cuentas de invitados pueden consultar la entidad Orion.UserSettings y enumerar los usuarios y su configuraci\u00f3n b\u00e1sica"}], "id": "CVE-2021-35248", "lastModified": "2024-09-16T20:15:39.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2021-12-20T21:15:08.157", "references": [{"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35248"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "psirt@solarwinds.com", "type": "Secondary"}]}