An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
Credits
SolarWinds would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting on the issue in a responsible manner.
