CVE-2021-35226

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
Configurations

Configuration 1 (hide)

cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:12

Type Values Removed Values Added
References () https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226 - Patch, Vendor Advisory () https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226 - Patch, Vendor Advisory

03 Aug 2023, 17:15

Type Values Removed Values Added
Summary An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.

Information

Published : 2022-10-10 23:15

Updated : 2024-11-21 06:12


NVD link : CVE-2021-35226

Mitre link : CVE-2021-35226

CVE.ORG link : CVE-2021-35226


JSON object : View

Products Affected

solarwinds

  • network_configuration_manager
CWE
CWE-326

Inadequate Encryption Strength