Reverse Tabnabbing Vulnerability in SolarWinds Orion Platform
CVE-2021-3109
4.8MEDIUM
Summary
The custom menu item options page in the SolarWinds Orion Platform prior to version 2020.2.5 contains a vulnerability that allows an attacker to exploit reverse tabnabbing. This occurs in the context of an administrator account, potentially leading to unauthorized access or data exfiltration. Organizations using affected versions should consider upgrading to mitigate associated risks.
References
CVSS V3.1
Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved