HOW TO FIX CVE-2021-35234- PRIVILEGE ESCALATION IN SOLARWINDS’S ORION PLATFORM NPM

THESECMASTER

This privilege escalation has been tracked under CVE-2021-35234, letting an attacker steal password hashes and password salt information with low-user privileges. The report says that the vulnerability found in multiple functions of Network Performance Monitor is exposed to privilege escalation vulnerability.

1. What is Orion Platform?
2. What is SolarWinds Network Performance Monitor?
3. Summary of CVE-2021-35234- Privilege Escalation in SolarWinds’s Orion Platform:
4. List of SolarWinds’s Network Performance Monitor Functions Affected with CVE-2021-35234:
5. Versions Affected To CVE-2021-35234- Privilege Escalation in SolarWinds’s Orion Platform
6. How to Fix CVE-2021-35234- Privilege Escalation in SolarWinds’s Orion Platform?
  6. 1. Install hotfix or Upgrade Orion Platform
  6. 2. Install the Hotfix in High Availability
  6. 3. Revoke “Alert Management” and “Report Management” Rights

Table of Contents :

How to Fix CVE-2021-35234- Privilege Escalation in SolarWinds’s Orion Platform?

1. TextToSpeech
2. PlaySound
3. CustomStatus
4. CustomProperty
5. WriteToEventLog
6. Email Class

List of SolarWinds’s Network Performance Monitor Functions Affected with CVE-2021-35234:

Tumblr

Telegram

Medium

Twitter

LinkedIn

Facebook

FOLLOW US:

THESECMASTER