SolarWinds N-central Cleartext Domain Admin Credentials Retrieval Vulnerability

SolarWinds N-central Cleartext Domain Admin Credentials Retrieval Vulnerability

CVE-2020-7984 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the agent/appliance configuration.

Learn more about our Cis Benchmark Audit For F5.