CVE-2012-2602

Name of the Vulnerable Software and Affected Versions SolarWinds Orion Network Performance Monitor versions prior to 10.3.1

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests. The affected requests include creating user accounts via the "CreateUserStepContainer" actions to the "/Admin/Accounts/Add/OrionAccount.aspx" endpoint and modifying account privileges via a "ynAdminRights" action to the "/Admin/Accounts/EditAccount.aspx" endpoint.

Recommendations For versions prior to 10.3.1, update to version 10.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected API endpoints, "/Admin/Accounts/Add/OrionAccount.aspx" and "/Admin/Accounts/EditAccount.aspx", to minimize the risk of exploitation.