An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
References
Link | Resource |
---|---|
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226 | Patch Vendor Advisory |
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 06:12
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226 - Patch, Vendor Advisory |
03 Aug 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. |
Information
Published : 2022-10-10 23:15
Updated : 2024-11-21 06:12
NVD link : CVE-2021-35226
Mitre link : CVE-2021-35226
CVE.ORG link : CVE-2021-35226
JSON object : View
Products Affected
solarwinds
- network_configuration_manager
CWE
CWE-326
Inadequate Encryption Strength