CVE-2021-35247 (GCVE-0-2021-35247)

Vulnerability from cvelistv5 – Published: 2022-01-07 22:39 – Updated: 2025-10-21 23:15
VLAI? CISA KEV
Title
Improper Input Validation Vulnerability in Serv-U
Summary
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
Severity ?
4.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
SolarWinds Serv-U Affected: 15.2.5 and previous versions , < 15.3 (custom)
Create a notification for this product.
Credits
SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 94ed671e-799d-455e-bbec-1cdbebf05cdc

Vulnerability ID: CVE-2021-35247

Status: Confirmed

Status Updated: 2022-01-21 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-01-21
Asserted: 2022-01-21
Scope
Notes: KEV entry: SolarWinds Serv-U Improper Input Validation Vulnerability | Affected: SolarWinds / Serv-U | Description: SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization. | Required action: Apply updates per vendor instructions. | Due date: 2022-02-04 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2021-35247
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-20
Feed CISA Known Exploited Vulnerabilities Catalog
Product Serv-U
Due Date 2022-02-04
Date Added 2022-01-21
Vendorproject SolarWinds
Vulnerabilityname SolarWinds Serv-U Improper Input Validation Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:51.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35247",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T20:23:12.218612Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-21",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35247"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:49.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35247"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-21T00:00:00+00:00",
            "value": "CVE-2021-35247 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Serv-U",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThan": "15.3",
              "status": "affected",
              "version": "15.2.5 and previous versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability"
        }
      ],
      "datePublic": "2022-01-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-25T19:11:16.000Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm"
        }
      ],
      "source": {
        "defect": [
          "CVE-2021-35247"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Improper Input Validation Vulnerability in Serv-U",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "DATE_PUBLIC": "2022-01-05T09:21:00.000Z",
          "ID": "CVE-2021-35247",
          "STATE": "PUBLIC",
          "TITLE": "Improper Input Validation Vulnerability in Serv-U"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Serv-U",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "15.2.5 and previous versions",
                            "version_value": "15.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SolarWinds"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247",
              "refsource": "MISC",
              "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247"
            },
            {
              "name": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm",
              "refsource": "MISC",
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm"
            }
          ]
        },
        "source": {
          "defect": [
            "CVE-2021-35247"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2021-35247",
    "datePublished": "2022-01-07T22:39:50.564Z",
    "dateReserved": "2021-06-22T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:49.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-35247",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2022-01-21",
      "dueDate": "2022-02-04",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-35247",
      "product": "Serv-U",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.",
      "vendorProject": "SolarWinds",
      "vulnerabilityName": "SolarWinds Serv-U Improper Input Validation Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-02-04",
      "cisaExploitAdd": "2022-01-21",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "SolarWinds Serv-U Improper Input Validation Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"15.3\", \"matchCriteriaId\": \"DB4EF8F3-F239-464D-B0AA-3119A5CCF12E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\"}, {\"lang\": \"es\", \"value\": \"La pantalla de inicio de sesi\\u00f3n web de Serv-U para la autenticaci\\u00f3n LDAP permit\\u00eda caracteres que no estaban suficientemente desinfectados. SolarWinds ha actualizado el mecanismo de entrada para realizar una validaci\\u00f3n y sanitizaci\\u00f3n adicionales. Nota: No se ha detectado ninguna afectaci\\u00f3n posterior, ya que los servidores LDAP ignoraban los caracteres inadecuados. Para asegurar que la validaci\\u00f3n de la entrada se completa en todos los entornos. SolarWinds recomienda programar una actualizaci\\u00f3n a la \\u00faltima versi\\u00f3n de Serv-U\"}]",
      "id": "CVE-2021-35247",
      "lastModified": "2024-11-21T06:12:08.877",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@solarwinds.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-10T14:10:17.667",
      "references": "[{\"url\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@solarwinds.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@solarwinds.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-35247\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2022-01-10T14:10:17.667\",\"lastModified\":\"2025-10-27T17:01:25.280\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\"},{\"lang\":\"es\",\"value\":\"La pantalla de inicio de sesi\u00f3n web de Serv-U para la autenticaci\u00f3n LDAP permit\u00eda caracteres que no estaban suficientemente desinfectados. SolarWinds ha actualizado el mecanismo de entrada para realizar una validaci\u00f3n y sanitizaci\u00f3n adicionales. Nota: No se ha detectado ninguna afectaci\u00f3n posterior, ya que los servidores LDAP ignoraban los caracteres inadecuados. Para asegurar que la validaci\u00f3n de la entrada se completa en todos los entornos. SolarWinds recomienda programar una actualizaci\u00f3n a la \u00faltima versi\u00f3n de Serv-U\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-01-21\",\"cisaActionDue\":\"2022-02-04\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"SolarWinds Serv-U Improper Input Validation Vulnerability\",\"weaknesses\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.3\",\"matchCriteriaId\":\"DB4EF8F3-F239-464D-B0AA-3119A5CCF12E\"}]}]}],\"references\":[{\"url\":\"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35247\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"Serv-U\", \"vendor\": \"SolarWinds\", \"versions\": [{\"lessThan\": \"15.3\", \"status\": \"affected\", \"version\": \"15.2.5 and previous versions\", \"versionType\": \"custom\"}]}], \"credits\": [{\"lang\": \"en\", \"value\": \"SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability\"}], \"datePublic\": \"2022-01-05T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-01-25T19:11:16.000Z\", \"orgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"shortName\": \"SolarWinds\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\"}], \"source\": {\"defect\": [\"CVE-2021-35247\"], \"discovery\": \"UNKNOWN\"}, \"title\": \"Improper Input Validation Vulnerability in Serv-U\", \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"psirt@solarwinds.com\", \"DATE_PUBLIC\": \"2022-01-05T09:21:00.000Z\", \"ID\": \"CVE-2021-35247\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Improper Input Validation Vulnerability in Serv-U\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"Serv-U\", \"version\": {\"version_data\": [{\"version_affected\": \"\u003c\", \"version_name\": \"15.2.5 and previous versions\", \"version_value\": \"15.3\"}]}}]}, \"vendor_name\": \"SolarWinds\"}]}}, \"credit\": [{\"lang\": \"eng\", \"value\": \"SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability\"}], \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.\"}]}, \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20 Improper Input Validation\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\", \"refsource\": \"MISC\", \"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\"}, {\"name\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\", \"refsource\": \"MISC\", \"url\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\"}]}, \"source\": {\"defect\": [\"CVE-2021-35247\"], \"discovery\": \"UNKNOWN\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T00:33:51.288Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-35247\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T20:23:12.218612Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-21\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35247\"}}}], \"timeline\": [{\"time\": \"2022-01-21T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2021-35247 added to CISA KEV\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T20:23:23.961Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"assignerShortName\": \"SolarWinds\", \"cveId\": \"CVE-2021-35247\", \"datePublished\": \"2022-01-07T22:39:50.564Z\", \"dateReserved\": \"2021-06-22T00:00:00.000Z\", \"dateUpdated\": \"2025-07-30T01:37:50.992Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.