Vulnerability: Misconfigured Entity in Network Configuration Manager Exposes Encrypted Passwords to Solarwinds Information Service
CVE-2021-35226 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
Learn more about our Network Penetration Testing.