Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure Direct Object Reference Vulnerability: Orion Platform 2020.2.6
Vulnerability Description
Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
SolarWinds Platform 安全漏洞
Vulnerability Description
SolarWinds Platform是美国SolarWinds公司的一个统一监控、可观察性和服务管理平台。 SolarWinds Platform 2022.3 版本及之前版本存在安全漏洞,该漏洞源于不安全的直接对象引用 (IDOR)。具有节点管理权限的攻击者能够查看和编辑所有节点。
CVSS Information
N/A
Vulnerability Type
N/A