CVE-2021-25275

Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform versions prior to 2020.2.4

Description: The issue allows any user with access to the filesystem to read database login details, including the login name and its associated password, from a file. These credentials can then be used to gain database owner access to the SWNetPerfMon.DB database, providing access to the data collected by SolarWinds applications. This access can further lead to admin access to the applications by modifying authentication data stored in the Accounts table of the database.

Recommendations: For versions prior to 2020.2.4, update to version 2020.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the file containing database credentials to prevent unauthorized users from reading the login details. Additionally, restrict access to the SWNetPerfMon.DB database and the Accounts table to minimize the risk of exploitation.