CVE-2021-35216

Summary

Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution.

Affected Software

VendorProductVersion RangeStatus
SolarWindsPatch Manager2020.2.5 and previous versions. < 2020.2.6affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CVE Program Container

Additional References

References