An SQL injection Privilege Escalation Vulnerability exists in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds orion platform 2019.2 |
||
solarwinds orion platform 2019.4 |
||
solarwinds orion platform 2020.2.1 |
||
solarwinds orion platform 2020.2.4 |
||
solarwinds orion platform 2020.2.5 |