CVE-2021-35249 - OpenCVE

This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Solarwinds	Serv-u

Configuration 1 [-]

cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249

History

No history.

MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published: 2022-05-17T19:44:55.183082Z

Updated: 2024-09-16T16:28:36.293Z

Reserved: 2021-06-22T00:00:00

Link: CVE-2021-35249

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-05-17T20:15:07.997

Modified: 2022-10-27T11:57:12.037

Link: CVE-2021-35249

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Serv-U", "vendor": "SolarWinds", "versions": [{"lessThan": "15.3.1", "status": "affected", "version": "15.3 and previous versions", "versionType": "custom"}]}], "datePublic": "2022-05-17T00:00:00", "descriptions": [{"lang": "en", "value": "This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-17T19:44:55", "orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249"}, {"tags": ["x_refsource_MISC"], "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm"}], "solutions": [{"lang": "en", "value": "Serv-U Customers are advised to upgrade to the fix-version once it becomes generally available on May 17, 2022."}], "source": {"defect": ["CVE-2021-35249"], "discovery": "EXTERNAL"}, "title": "Domain Admin Broken Access Control", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@solarwinds.com", "DATE_PUBLIC": "2022-05-17T10:32:00.000Z", "ID": "CVE-2021-35249", "STATE": "PUBLIC", "TITLE": "Domain Admin Broken Access Control"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Serv-U", "version": {"version_data": [{"version_affected": "<", "version_name": "15.3 and previous versions", "version_value": "15.3.1"}]}}]}, "vendor_name": "SolarWinds"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249", "refsource": "MISC", "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249"}, {"name": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm", "refsource": "MISC", "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm"}]}, "solution": [{"lang": "en", "value": "Serv-U Customers are advised to upgrade to the fix-version once it becomes generally available on May 17, 2022."}], "source": {"defect": ["CVE-2021-35249"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:33:51.298Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm"}]}]}, "cveMetadata": {"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "assignerShortName": "SolarWinds", "cveId": "CVE-2021-35249", "datePublished": "2022-05-17T19:44:55.183082Z", "dateReserved": "2021-06-22T00:00:00", "dateUpdated": "2024-09-16T16:28:36.293Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "340F413D-1CEE-4583-A26B-FDF0A8E30812", "versionEndExcluding": "15.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed."}, {"lang": "es", "value": "Esta vulnerabilidad de control de acceso roto es referida espec\u00edficamente a un administrador de dominio que puede acceder a los datos de configuraci\u00f3n y de usuario de otros dominios a los que no deber\u00eda tener acceso. Tenga en cuenta que el administrador no puede modificar los datos (operaci\u00f3n de s\u00f3lo lectura). Este problema de UAC conlleva a un filtrado de datos a usuarios no autorizados de un dominio, sin que sea registrado su acceso a los datos a menos que intenten modificarlos. Esta actividad de s\u00f3lo lectura es registrada en el dominio original y no especifica a qu\u00e9 dominio ha sido accedido"}], "id": "CVE-2021-35249", "lastModified": "2022-10-27T11:57:12.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2022-05-17T20:15:07.997", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@solarwinds.com", "type": "Secondary"}]}