Security Advisory

CVE-2021-32076

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-26 14:53:25

Last updated 2024-09-17 01:00:44

Assigner SolarWinds

State PUBLISHED

Description

Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the Web Help Desk Getting Started Wizard, especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP address to the loopback.

← Browse all CVEs View on cve.org ↗