CVE-2021-32076

Access Restriction bypass vulnerability via referrer spoof - Business Logic Bypass

Description

Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP address to the loopback.

Remediation

Solution:

SolarWinds has released version 12.7.6 and it is suggested to upgrade as soon as possible.

References

Link	Tags
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-32076	vendor advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/208278	third party advisory vdb entry

Frequently Asked Questions

What is the severity of CVE-2021-32076?: CVE-2021-32076 has been scored as a medium severity vulnerability.
How to fix CVE-2021-32076?: To fix CVE-2021-32076: SolarWinds has released version 12.7.6 and it is suggested to upgrade as soon as possible.
Is CVE-2021-32076 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-32076 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-32076?: CVE-2021-32076 affects SolarWinds Web Help Desk.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Remediation

Category

CWE-290 – Authentication Bypass by Spoofing

References

Frequently Asked Questions