Exploitation Summary
CVE-2021-35247 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 21, 2022.
Description
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
References (3)
Core 3
Core References
Broken Link, Vendor Advisory x_refsource_misc
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247
Release Notes, Vendor Advisory x_refsource_misc
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35247
Scores
CVSS v3
4.3
EPSS
0.0534
EPSS Percentile
90.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
partial
Details
CISA KEV
2022-01-21
VulnCheck KEV
2022-01-19
InTheWild.io
2022-01-20
ENISA EUVD
EUVD-2021-21890
CWE
CWE-20
Status
published
Products (1)
solarwinds/serv-u
< 15.3
Published
Jan 10, 2022
KEV Added
Jan 21, 2022
Tracked Since
Feb 18, 2026