CVE-2021-35214 is a vulnerability in SolarWinds Pingdom
Published on October 12, 2021
Session Management Vulnerability
The vulnerability in SolarWinds Pingdom is a failure to invalidate user sessions upon a password or email address change. When running multiple active sessions in separate browser windows, it was observed that the password or email address could be changed without terminating the other user sessions. This issue was resolved on September 13, 2021.
Vulnerability Analysis
CVE-2021-35214 is exploitable with physical access and requires user interaction. This vulnerability is considered to have a high level of attack complexity. An exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity or availability.
Products Associated with CVE-2021-35214
Affected Versions
SolarWinds Pingdom: versions prior to 13.09.2021 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.