Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.
2022-10-20T21:15:10.050
2025-05-07T21:15:55.467
Modified
CVSSv3.1: 5.4 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | solarwinds | orion_platform | < 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2020.2.6 | Yes |
| Application | solarwinds | orion_platform | 2022.2 | Yes |
| Application | solarwinds | orion_platform | 2022.3 | Yes |