CVE-2021-35219 MEDIUM

CVE-2021-35219: ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability

Vendor Solarwinds
Product Orion Platform
Published August 31, 2021
Last update August 4, 2024

CVSS base score

6.0/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.

Key dates

02Disclosure timeline

August 31, 2021 CVE published
August 4, 2024 Record updated