Security Advisory

CVE-2021-35231

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-25 13:00:29

Last updated 2024-09-16 18:38:19

Assigner SolarWinds

State PUBLISHED

Description

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path: "ComputerHKEY_LOCAL_MACHINESYSTEMControlSet001ServicesKiwi Syslog ServerParametersApplication".

← Browse all CVEs View on cve.org ↗