Description
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
Low
Affected products
- SolarWinds / Serv-U15.4.2 and Previous Versions – 15.4.2 and Previous Versions