What is CVE-2021-27258?

CVE-2021-27258 is a critical-severity vulnerability in Solarwinds Orion Platform, classified under Improper Access Control. CVSS score: 9.8/10. Published 2021-04-14.

How severe is CVE-2021-27258?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Solarwinds Orion Platform

CVE-2021-27258

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Save…

EPSS: 0.086 (92.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Solarwinds Orion Platform — versions 2020.2

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

www.zerodayinitiative.com/advisories/ZDI-21-192/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-27258?: CVE-2021-27258 is a critical-severity vulnerability in Solarwinds Orion Platform, classified under Improper Access Control. CVSS score: 9.8/10. Published 2021-04-14.
How severe is CVE-2021-27258?: Critical severity. CVSS v3 base score is 9.8 out of 10.