Security Advisory

CVE-2021-35244

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-20 20:08:24

Last updated 2024-09-16 22:10:26

Assigner SolarWinds

State PUBLISHED

Description

The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution.

← Browse all CVEs View on cve.org ↗