An issue was discovered in SolarWinds N-Central 12.3.0.670. The local database does not require authentication: security is only based on ability to access a network interface. The database has keys and passwords.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25621
Reference (s):
- https://ernw.de/en/publications.html
- https://insinuator.net/2020/12/security-advisories-for-solarwinds-n-central/
- https://support.solarwinds.com/SuccessCenter/s/