Unauthorized Password Retrieval Vulnerability in SolarWinds Serv-U
CVE-2021-3154
7.5HIGH
Summary
An issue exists in SolarWinds Serv-U versions prior to 15.2.2, where unauthenticated attackers can exploit macro injection techniques to retrieve cleartext passwords. This vulnerability highlights significant security risks if left unpatched, allowing unauthorized access to sensitive information.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved